CVE-2025-46047
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-02

Last updated on: 2025-09-04

Assigner: MITRE

Description
A User enumeration vulnerability in the /CredentialsServlet/ForgotPassword endpoint in Silverpeas 6.4.1 and 6.4.2 allows remote attackers to determine valid usernames via the Login parameter.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-02
Last Modified
2025-09-04
Generated
2026-06-16
AI Q&A
2025-09-02
EPSS Evaluated
2026-06-15
NVD
CVE-2025-46047
EUVD
EUVD-2025-26451
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
silverpeas silverpeas 6.4.1
silverpeas silverpeas 6.4.2
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-46047 is a username enumeration vulnerability in Silverpeas versions 6.4.1 and 6.4.2. It exists in the /CredentialsServlet/ForgotPassword endpoint, where an attacker can send a POST request with a username in the Login parameter. The server responds differently depending on whether the username is valid or not (HTTP 200 OK for valid usernames and HTTP 302 Found for invalid ones). This difference in response allows remote attackers to determine which usernames are valid on the system without authentication. [2]

Impact Analysis

This vulnerability allows an unauthenticated remote attacker to enumerate valid usernames on the Silverpeas system. Knowing valid usernames can facilitate further attacks such as password guessing, phishing, or social engineering. It can also expose user information that should remain confidential, potentially leading to unauthorized access or data breaches. [2]

Compliance Impact

This vulnerability can negatively impact compliance with standards like GDPR and HIPAA because it leaks information about valid user accounts, which is considered personal or sensitive information. Such information disclosure can violate data protection requirements that mandate safeguarding user data against unauthorized access or exposure. Organizations must address this vulnerability to maintain compliance and protect user privacy. [2]

Detection Guidance

This vulnerability can be detected by sending POST requests to the /silverpeas/CredentialsServlet/ForgotPassword endpoint with different usernames in the 'Login' parameter and observing the HTTP response codes. Valid usernames return HTTP 200 OK, while invalid usernames return HTTP 302 Found. A proof-of-concept Python script named silverpeas_enum_poc.py automates this process by sending requests and analyzing responses to enumerate valid usernames. [2]

Mitigation Strategies

Immediate mitigation steps include upgrading Silverpeas to version 6.4.3 or later, where the vulnerability is fixed by removing the ability to change passwords directly through the login page, implementing uniform error handling that does not reveal username validity, and ensuring HTTP responses do not differ based on username validity. These changes prevent user enumeration by providing consistent responses to password reset requests. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-46047. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart