CVE-2023-25171
published 2023-02-15CVE-2023-25171: Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt denial-of-service…
PriorityP429medium5.9CVSS 3.1
AVNACHPRNUINSUCNINAH
EPSS
0.91%
55.4th percentile
Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt denial-of-service attacks against the Password reset page. An attacker could potentially send a large number of emails if they know the email addresses of users in Kiwi TCMS. Additionally that may strain SMTP resources. Users should upgrade to v12.0 or later to receive a patch. As potential workarounds, users may install and configure a rate-limiting proxy in front of Kiwi TCMS and/or configure rate limits on their email server when possible.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kiwitcms | kiwi | >= 12.0 < 12.0 | 12.0 |
| kiwitcms | kiwi_tcms | < 12.0 | 12.0 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Denial of service vulnerability on Password reset page
ghsa·2023-02-15
CVE-2023-25171 [HIGH] CWE-770 Denial of service vulnerability on Password reset page
Denial of service vulnerability on Password reset page
### Impact
Previous versions of Kiwi TCMS do not impose rate limits which makes it easier to attempt denial-of-service attacks against the Password reset page. An attacker could potentially send a large number of emails if they know the email addresses of users in Kiwi TCMS. Additionally that may strain SMTP resources.
### Patches
Users should upgrade to v12.0 or later.
### Workarounds
Users may install and configure a rate-limiting proxy in front of Kiwi TCMS such as Nginx and/or configure rate limits on their email server when possible.
### References
[Disclosed by Ahmed Rabeaa Mosaa](https://huntr.dev/bounties/3b712cb6-3fa3-4f71-8562-7a7016c6262e)
OSV
Denial of service vulnerability on Password reset page
osv·2023-02-15
CVE-2023-25171 [HIGH] Denial of service vulnerability on Password reset page
Denial of service vulnerability on Password reset page
### Impact
Previous versions of Kiwi TCMS do not impose rate limits which makes it easier to attempt denial-of-service attacks against the Password reset page. An attacker could potentially send a large number of emails if they know the email addresses of users in Kiwi TCMS. Additionally that may strain SMTP resources.
### Patches
Users should upgrade to v12.0 or later.
### Workarounds
Users may install and configure a rate-limiting proxy in front of Kiwi TCMS such as Nginx and/or configure rate limits on their email server when possible.
### References
[Disclosed by Ahmed Rabeaa Mosaa](https://huntr.dev/bounties/3b712cb6-3fa3-4f71-8562-7a7016c6262e)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/kiwitcms/Kiwi/commit/761305d04f5910ba14cc04d1255a8f1afdbb87f3https://github.com/kiwitcms/Kiwi/security/advisories/GHSA-7j9h-3jxf-3vrfhttps://huntr.dev/bounties/3b712cb6-3fa3-4f71-8562-7a7016c6262ehttps://kiwitcms.org/blog/kiwi-tcms-team/2023/02/15/kiwi-tcms-120/https://github.com/kiwitcms/Kiwi/commit/761305d04f5910ba14cc04d1255a8f1afdbb87f3https://github.com/kiwitcms/Kiwi/security/advisories/GHSA-7j9h-3jxf-3vrfhttps://huntr.dev/bounties/3b712cb6-3fa3-4f71-8562-7a7016c6262ehttps://kiwitcms.org/blog/kiwi-tcms-team/2023/02/15/kiwi-tcms-120/
2023-02-15
Published