Vulnerability Description
Incorrect username validation in the registration process of CTFd v2.0.0 - v2.2.2 allows an attacker to take over an arbitrary account if the username is known and emails are enabled on the CTFd instance. To exploit the vulnerability, one must register with a username identical to the victim's username, but with white space inserted before and/or after the username. This will register the account with the same username as the victim. After initiating a password reset for the new account, CTFd will reset the victim's account password due to the username collision.
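A simplified model of the flaw described above next to a corrected check, added here as an example; it is not CTFd's code, and `UserStore`, `register_flawed`, `register_hardened` and `find_collisions` are hypothetical names. It assumes the uniqueness check ran on the raw input while the trimmed value was stored; `find_collisions` is an audit over usernames already in a database.

```python
# Simplified model of the bug class described above; not CTFd's code.
# All names here (UserStore, register_*, find_collisions) are hypothetical.


def canonical(name: str) -> str:
    """Form used for both the uniqueness check and storage."""
    return name.strip()


class UserStore:
    def __init__(self):
        self.names = []  # stored usernames, in registration order

    def register_flawed(self, name: str) -> bool:
        # Assumption: uniqueness is tested on the raw input, but the trimmed
        # value is stored, so " admin " passes the test and is saved as "admin".
        if name in self.names:
            return False
        self.names.append(name.strip())
        return True

    def register_hardened(self, name: str) -> bool:
        # Canonicalize once, then check and store that same value.
        clean = canonical(name)
        if not clean or clean in (canonical(n) for n in self.names):
            return False
        self.names.append(clean)
        return True


def find_collisions(names):
    """Audit helper: group stored usernames that share a canonical form."""
    groups = {}
    for n in names:
        groups.setdefault(canonical(n), []).append(n)
    return {k: v for k, v in groups.items() if len(v) > 1}


# Constructed sample data.
flawed = UserStore()
flawed.register_flawed("admin")
flawed.register_flawed(" admin ")  # accepted: a second "admin" row now exists

hardened = UserStore()
hardened.register_hardened("admin")
REJECTED = not hardened.register_hardened(" admin ")  # padded duplicate refused
```

Running `find_collisions` over an existing user table lists any usernames that differ only by surrounding whitespace or are exact duplicates, which is worth checking on instances that ran an affected version.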
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| CTFd | CTFd | >= 2.0.0, <= 2.2.2 |
Related Weaknesses (CWE)
References
- https://github.com/CTFd/CTFd/pull/1218 (Third Party Advisory)
- https://github.com/CTFd/CTFd/releases/tag/2.2.3 (Release Notes)
FAQ
What is CVE-2020-7245?
CVE-2020-7245 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Incorrect username validation in the registration process of CTFd v2.0.0 - v2.2.2 allows an attacker to take over an arbitrary account if the username is known and emails are enabled on the CTFd insta...
How severe is CVE-2020-7245?
CVE-2020-7245 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-7245?
Check the references section above for vendor advisories and patch information. Affected products include: CTFd CTFd.