CVE-2020-25837

7.5 HIGH

📋 TL;DR

This vulnerability in Micro Focus Self Service Password Reset (SSPR) allows attackers to access sensitive information in certain configurations. It affects SSPR versions 4.4.0.0-4.4.0.6 and 4.5.0.1-4.5.0.2. Organizations using these versions with vulnerable configurations are at risk of data exposure.

💻 Affected Systems

Products:
  • Micro Focus Self Service Password Reset (SSPR)
Versions: 4.4.0.0 to 4.4.0.6 and 4.5.0.1 to 4.5.0.2
Operating Systems: Windows, Linux (SSPR is a Java web application deployed on Apache Tomcat; the vendor also ships it as a virtual appliance, and the same version ranges apply there)
Default Config Vulnerable: ✅ No
Notes: The vendor description says the flaw exists only "in certain configurations", and the referenced release notes do not say which settings are involved. Treat any deployment running an affected version as exposed until it is patched.

📦 What is this software?

Micro Focus (formerly NetIQ) Self Service Password Reset is a web application that lets end users reset forgotten passwords and unlock their own accounts in an LDAP directory such as Active Directory or eDirectory, after proving who they are through challenge-response questions or other configured verification methods. It runs as a Java application on Apache Tomcat on Windows or Linux, or as a vendor-supplied virtual appliance. Because its purpose is to help users who cannot log in, it is commonly published to the internet, which is why an unauthenticated information-disclosure flaw in it matters.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete disclosure of sensitive user information, credentials, or configuration data leading to account compromise and lateral movement.

🟠

Likely Case

Exposure of user data, password reset information, or system configuration details that could facilitate further attacks.

🟢

If Mitigated

Limited or no data exposure if proper access controls and network segmentation are implemented.

🌐 Internet-Facing: HIGH - If SSPR is internet-facing, attackers can directly exploit this without internal access.
🏢 Internal Only: MEDIUM - Internal attackers or compromised accounts could exploit this to gather sensitive information.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The score and the fields above describe a network-reachable, unauthenticated, low-complexity attack whose impact is confined to confidentiality. No public exploit details or proof-of-concept are available, and the vendor has not published which configurations are affected.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.4.0.7 for 4.4.x branch, 4.5.0.3 for 4.5.x branch

Vendor Advisory: https://www.netiq.com/documentation/self-service-password-reset-44/release-notes-sspr-44-p7/data/release-notes-sspr-44-p7.html

Restart Required: Yes

Instructions:

1. Download the patch for your branch (4.4.0.7 for 4.4.x, 4.5.0.3 for 4.5.x) from the Micro Focus download portal.
2. Back up the current SSPR installation, including its configuration (SSPRConfiguration.xml in the application path) and application data directory.
3. Apply the patch following the release notes for your branch.
4. Restart the SSPR service (the Tomcat instance hosting SSPR, or the appliance).
5. Confirm that the administration console reports 4.4.0.7 / 4.5.0.3 or later.

🔧 Temporary Workarounds

Network Access Restriction (applies to all affected versions)

Restrict network access to SSPR to trusted IP ranges and internal networks, at the firewall or the reverse proxy in front of it. This limits who can reach the vulnerable code but does not remove the flaw.

Configuration Hardening (applies to all affected versions)

Review the SSPR configuration against the vendor release notes and disable self-service modules and public pages that are not in use. The public description does not name the vulnerable settings, so treat this as reducing exposure rather than as a substitute for the patch.

🧯 If You Can't Patch

  • Remove SSPR from direct internet exposure and restrict internal network access to the hosts and user populations that need it
  • Where the self-service use case allows, front SSPR with a VPN or an authenticating reverse proxy, and monitor for unusual access patterns

🔍 How to Verify

Check if Vulnerable:

Read the SSPR version from the administration console (or from the installation logs or the configuration files) and compare it with the affected ranges: 4.4.0.0 through 4.4.0.6 and 4.5.0.1 through 4.5.0.2 inclusive. Because the vulnerable configurations are not published, do not rely on configuration review to rule a system out.

Check Version:

The administration console displays the installed version; the installation logs record the version at patch time.

Verify Fix Applied:

The reported version must be 4.4.0.7 or higher on the 4.4.x branch, or 4.5.0.3 or higher on the 4.5.x branch.
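The range check above, as an added example (not vendor code and not from the original page): it takes the version string that the administration console or installation log reports, normalises it, and maps it to one of three outcomes using only the ranges published for this CVE. Note the edge case the ranges create: 4.5.0.0 falls outside every listed range, so the script reports it as not listed rather than guessing either way.

```python
"""Affected-version triage for CVE-2020-25837.

Added example, not vendor code. The ranges are the ones published for this
CVE; the version string is whatever the SSPR administration console or the
installation log reports. Nothing here talks to a live server.
"""
import sys
from typing import Tuple

Version = Tuple[int, ...]

# (first affected, last affected, first fixed) per branch, inclusive.
BRANCHES = (
    ((4, 4, 0, 0), (4, 4, 0, 6), (4, 4, 0, 7)),
    ((4, 5, 0, 1), (4, 5, 0, 2), (4, 5, 0, 3)),
)

VULNERABLE = "vulnerable"
FIXED = "fixed"
NOT_LISTED = "not_listed"  # outside every published range: confirm with the vendor


def parse_version(text: str) -> Version:
    """Turn '4.4.0.6' (or '4.4.0.6 build 1234') into a four-part tuple.

    Short strings such as '4.4' are padded with zeros so they compare as
    4.4.0.0; anything that is not dotted digits is rejected, not guessed at.
    """
    stripped = text.strip()
    head = stripped.split()[0] if stripped else ""
    parts = head.split(".")
    if not head or len(parts) > 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised SSPR version string: {text!r}")
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (4 - len(nums))


def classify(text: str) -> str:
    """Map a reported version to vulnerable / fixed / not_listed."""
    v = parse_version(text)
    for first, last, fixed in BRANCHES:
        if first <= v <= last:
            return VULNERABLE
        # Same branch (4.4.x or 4.5.x) at or beyond the fixing patch level.
        if v[:2] == fixed[:2] and v >= fixed:
            return FIXED
    return NOT_LISTED


def fmt(v: Version) -> str:
    return ".".join(str(n) for n in v)


def explain(text: str) -> str:
    """One-line verdict suitable for an inventory report."""
    status = classify(text)
    if status == VULNERABLE:
        v = parse_version(text)
        first, last, fixed = next(b for b in BRANCHES if b[0] <= v <= b[1])
        return f"{text}: VULNERABLE (affected {fmt(first)}-{fmt(last)}), upgrade to {fmt(fixed)}"
    if status == FIXED:
        return f"{text}: patched"
    return f"{text}: not in a published affected range; confirm with the vendor"


if __name__ == "__main__":
    # Usage: python sspr_version_check.py 4.4.0.6 4.5.0.3 ...
    for arg in sys.argv[1:] or ["4.4.0.6", "4.4.0.7", "4.5.0.0", "4.5.0.2", "4.5.0.3"]:
        print(explain(arg))
```

Feed it the version strings collected from each SSPR host; anything reported as `not_listed` (for example 4.5.0.0 or a 4.3.x install) needs a vendor confirmation rather than an assumption.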

📡 Detection & Monitoring

Log Indicators:

  • Unusual access patterns to SSPR endpoints, such as bursts of requests to the public (pre-authentication) pages from a single source
  • Repeated failed identity-verification attempts from one source followed by requests that return user or configuration data

Network Indicators:

  • Unusual data volume from SSPR system
  • Requests to sensitive SSPR endpoints from unexpected sources

SIEM Query:

source="sspr" AND uri_path STARTS WITH "/sspr/" AND src_ip NOT IN (trusted_ips) | stats count, sum(bytes) BY src_ip, uri_path

Adapt the field names to your log source. The query assumes SSPR is served under its default /sspr context path; since the vulnerable endpoint is not public, it keys on source and volume rather than on a specific path.
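The two network indicators above, run over sample access-log lines as an added example (not part of the original page and not SSPR's own tooling). It assumes SSPR is served under its default /sspr context path, that TRUSTED_NETS are your internal ranges, and that the log is in the Apache/Tomcat "common" format; the log lines themselves are constructed for the demo. Sources outside the trusted ranges are aggregated by request count and bytes returned, and any that cross either threshold are reported.

```python
"""Flag untrusted sources generating unusual SSPR traffic from access logs.

Added example, not part of the original page or of the SSPR product.
Assumptions: SSPR is under its default /sspr context path, TRUSTED_NETS are
the networks allowed to reach it, and SAMPLE_LOG is a constructed log.
"""
import ipaddress
import re
from collections import defaultdict
from typing import Dict, Iterable, List, Optional, Tuple

# Assumption: only these networks should reach SSPR directly.
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]

SSPR_CONTEXT = "/sspr"  # default context path of the SSPR web application

# Apache/Tomcat "common" format: host ident user [time] "request" status bytes
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) (?P<bytes>\d+|-)'
)

# Constructed sample: one trusted client, one external client making repeated
# requests, one external client with little SSPR traffic and one non-SSPR hit.
SAMPLE_LOG = """\
10.1.2.3 - - [10/Oct/2020:08:01:10 +0000] "GET /sspr/public/ HTTP/1.1" 200 4821
10.1.2.3 - - [10/Oct/2020:08:01:12 +0000] "POST /sspr/public/forgottenpassword HTTP/1.1" 200 6123
203.0.113.45 - - [10/Oct/2020:08:02:01 +0000] "GET /sspr/public/ HTTP/1.1" 200 4821
203.0.113.45 - - [10/Oct/2020:08:02:02 +0000] "GET /sspr/public/forgottenpassword HTTP/1.1" 200 6123
203.0.113.45 - - [10/Oct/2020:08:02:03 +0000] "GET /sspr/public/forgottenpassword HTTP/1.1" 200 6123
203.0.113.45 - - [10/Oct/2020:08:02:04 +0000] "GET /sspr/public/forgottenpassword HTTP/1.1" 200 6123
203.0.113.45 - - [10/Oct/2020:08:02:05 +0000] "GET /sspr/public/forgottenpassword HTTP/1.1" 200 6123
203.0.113.45 - - [10/Oct/2020:08:02:06 +0000] "GET /sspr/public/forgottenpassword HTTP/1.1" 200 6123
198.51.100.7 - - [10/Oct/2020:08:03:00 +0000] "GET /sspr/public/ HTTP/1.1" 200 4821
198.51.100.7 - - [10/Oct/2020:08:03:01 +0000] "GET /sspr/public/resources/x.css HTTP/1.1" 304 -
198.51.100.7 - - [10/Oct/2020:08:03:02 +0000] "GET /other/app HTTP/1.1" 200 99999
"""


def parse_line(line: str) -> Optional[dict]:
    """Return ip/path/status/bytes for one common-format line, or None if it does not parse."""
    m = LINE_RE.match(line)
    if not m:
        return None
    raw_bytes = m.group("bytes")
    return {
        "ip": m.group("ip"),
        "path": m.group("path"),
        "status": int(m.group("status")),
        "bytes": 0 if raw_bytes == "-" else int(raw_bytes),  # "-" means no body sent
    }


def is_trusted(ip_text: str) -> bool:
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False  # malformed address in the log: surface it rather than hide it
    return any(ip in net for net in TRUSTED_NETS)


def is_sspr_path(path: str) -> bool:
    return path == SSPR_CONTEXT or path.startswith(SSPR_CONTEXT + "/")


def suspicious_sources(
    lines: Iterable[str], min_requests: int = 5, min_bytes: int = 50_000
) -> List[Tuple[str, int, int]]:
    """Untrusted sources whose SSPR traffic crosses either threshold, as (ip, requests, bytes)."""
    stats: Dict[str, List[int]] = defaultdict(lambda: [0, 0])
    for line in lines:
        rec = parse_line(line)
        if rec is None or not is_sspr_path(rec["path"]) or is_trusted(rec["ip"]):
            continue
        stats[rec["ip"]][0] += 1
        stats[rec["ip"]][1] += rec["bytes"]
    flagged = [(ip, n, b) for ip, (n, b) in stats.items() if n >= min_requests or b >= min_bytes]
    return sorted(flagged, key=lambda r: (-r[2], r[0]))  # most bytes first


if __name__ == "__main__":
    for ip, n, b in suspicious_sources(SAMPLE_LOG.splitlines()):
        print(f"{ip}: {n} SSPR requests, {b} bytes returned")
```

Tune `min_requests` and `min_bytes` to your baseline before alerting on them; on a busy instance the useful signal is usually the per-source deviation from normal rather than an absolute count.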

🔗 References

  • Micro Focus SSPR 4.4 Patch 7 release notes: https://www.netiq.com/documentation/self-service-password-reset-44/release-notes-sspr-44-p7/data/release-notes-sspr-44-p7.html
