CVE-2023-26984

8.1 HIGH

📋 TL;DR

This vulnerability in Peppermint v0.2.4 allows attackers to bypass authorization and access sensitive email and password data from the Tickets page through a crafted password reset request. It affects all users running the vulnerable version of Peppermint, potentially exposing authentication credentials and personal information.

💻 Affected Systems

Products:
  • Peppermint
Versions: v0.2.4
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Confirmed only in Peppermint v0.2.4; earlier versions may also be affected, but this has not been confirmed.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers gain unauthorized access to all email addresses and passwords stored in the Tickets system, leading to credential theft, account compromise, and potential lateral movement within the organization.

🟠 Likely Case

Attackers harvest email addresses and passwords for credential stuffing attacks, phishing campaigns, or unauthorized access to user accounts.

🟢 If Mitigated

With proper access controls and monitoring, unauthorized access attempts are detected and blocked before sensitive data is exfiltrated.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit requires crafting specific HTTP requests to the password reset endpoint; proof-of-concept code is publicly available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch is available; upgrade to a newer version if one has been released, or apply the workarounds below.

🔧 Temporary Workarounds

Disable Password Reset Function (applies to: all)

Temporarily disable the password reset functionality to prevent exploitation.

Modify the application configuration to disable the password reset endpoints.

Implement Rate Limiting (applies to: all)

Add rate limiting to password reset requests to reduce the attack surface.

Configure the web server or application firewall to limit requests to the /reset-password endpoint.

🧯 If You Can't Patch

  • Restrict network access to Peppermint instance to trusted IPs only
  • Implement strong authentication and monitoring for suspicious password reset attempts

🔍 How to Verify

Check if Vulnerable:

Check whether the instance is running Peppermint v0.2.4; test by attempting to access Tickets data via a crafted password reset request.

Check Version:

Check application version in web interface or configuration files

Verify Fix Applied:

Verify that the password reset function is disabled or patched, and confirm that exploitation attempts fail.

📡 Detection & Monitoring

Log Indicators:

  • Unusual volume of password reset requests
  • Access to Tickets data from unauthorized IPs

Network Indicators:

  • HTTP requests to password reset endpoint with crafted parameters

SIEM Query:

source="peppermint" AND (url="/reset-password" OR event="password_reset") AND status=200
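As an added example that is not part of the original advisory, the following Python implements the two log indicators above over constructed web-server access-log lines: a burst of reset requests from one source, and successful (HTTP 200) responses on the reset endpoint. The combined-style log format, the assumption that the logged path is exactly `/reset-password`, and the threshold and window values are all assumptions, not facts from the page.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed common access-log format (assumption: Peppermint's real logs may differ).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})')
RESET_PATH = "/reset-password"  # endpoint named in the workaround section
# Constructed sample log lines (not real Peppermint logs): one source bursts the reset endpoint.
SAMPLE_LOGS = [
    '203.0.113.7 - - [10/Mar/2023:12:00:01 +0000] "POST /reset-password HTTP/1.1" 200 512',
    '203.0.113.7 - - [10/Mar/2023:12:00:03 +0000] "POST /reset-password HTTP/1.1" 200 498',
    '203.0.113.7 - - [10/Mar/2023:12:00:05 +0000] "POST /reset-password HTTP/1.1" 400 120',
    '203.0.113.7 - - [10/Mar/2023:12:00:08 +0000] "POST /reset-password HTTP/1.1" 200 505',
    '198.51.100.5 - - [10/Mar/2023:12:00:09 +0000] "GET /tickets HTTP/1.1" 200 2048',
    '198.51.100.5 - - [10/Mar/2023:12:30:00 +0000] "POST /reset-password HTTP/1.1" 200 512',
]

def parse_line(line):
    """Parse one access-log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.strptime(ev["ts"], "%d/%b/%Y:%H:%M:%S %z")
    ev["status"] = int(ev["status"])
    return ev

def detect_reset_abuse(lines, threshold=3, window=timedelta(minutes=5)):
    """Return IPs with >= threshold reset requests inside any `window` (volume indicator)
    and the count of HTTP 200 reset responses per IP (the SIEM query's status=200 condition)."""
    hits, successes = defaultdict(list), defaultdict(int)
    for line in lines:
        ev = parse_line(line)
        if ev is None or ev["path"] != RESET_PATH:
            continue  # only the reset endpoint is of interest here
        hits[ev["ip"]].append(ev["ts"])
        if ev["status"] == 200:
            successes[ev["ip"]] += 1
    flagged = set()
    for ip, stamps in hits.items():
        stamps.sort()
        start = 0  # sliding window over this IP's request timestamps
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                flagged.add(ip)
                break
    return {"high_volume_ips": flagged, "successful_resets": dict(successes)}
```

Tune `threshold` and `window` to the normal reset volume of your deployment; a single legitimate reset per user per day looks very different from the burst in the sample.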
