CVE-2024-48428

9.8 CRITICAL

📋 TL;DR

An information disclosure in the password reset function of Olive VLE lets an unauthenticated attacker obtain sensitive information and, from there, take over user accounts. Every Olive VLE deployment running the vulnerable password reset implementation is affected.

💻 Affected Systems

Products:
  • Olive VLE
Versions: All versions prior to patch
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all Olive VLE deployments with the vulnerable password reset implementation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete account takeover of any user, including administrators, leading to data theft, privilege escalation, and system compromise.

🟠 Likely Case

Account takeover of regular users, unauthorized access to personal information, and potential lateral movement within the system.

🟢 If Mitigated

Limited impact if strong authentication controls, rate limiting, and monitoring are in place to detect suspicious password reset attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Multiple public write-ups and proof-of-concepts available demonstrating exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.olivevle.com/

Restart Required: No

Instructions:

Check Olive VLE vendor website for security updates and patch announcements. Apply any available patches immediately.

🔧 Temporary Workarounds

Disable Password Reset Function (applies to: all)

Temporarily disable the password reset functionality until a patch is available: modify the Olive VLE configuration to turn the password reset feature off, and handle resets through an out-of-band, identity-verified administrative process in the meantime.

Implement Rate Limiting (applies to: all)

Add rate limiting to password reset requests, at the web server or application firewall in front of Olive VLE, to slow down brute-force and enumeration attempts. This limits the speed of an attack but does not remove the information disclosure itself.

🧯 If You Can't Patch

  • Implement network segmentation to isolate Olive VLE instances
  • Enable detailed logging and monitoring of all password reset attempts

🔍 How to Verify

Check if Vulnerable:

Exercise the password reset flow against a test account you control and inspect every response (page body, redirects, headers, and the reset email) for data that should not be returned to the requester, then check whether the reset token can be guessed, reused, or altered and still accepted.

Check Version:

Check Olive VLE admin panel or configuration files for version information.

Verify Fix Applied:

Verify that reset tokens are long and randomly generated, single-use, time-limited, bound to the account that requested them, and validated server-side on every use, so that they cannot be guessed, predicted, or replayed.
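For the token-quality part of this check, here is an added example (not Olive VLE's code, and not tied to any detail of this CVE beyond what the page states): a Python script that takes a batch of reset tokens collected for one test account and flags the usual weaknesses, namely too little entropy, timestamp-derived values, counter-like sequences, and reuse. The three sample batches are constructed for illustration; only the empty result for the last batch is what a fixed implementation should produce.

```python
import math
import re

# Constructed sample batches of reset tokens, as a tester would collect by
# requesting several resets for one test account in quick succession. These
# are not real Olive VLE tokens; each batch shows one behaviour the checks flag.
WEAK_COUNTER = ["1000231", "1000232", "1000233", "1000234"]
WEAK_TIMESTAMP = ["1717000001", "1717000060", "1717000123", "1717000187"]
STRONG = [
    "Qx7-kP2vLm9_aZ3tYb8RcN4eW6uJ1sHf0GdK5oI2nT7pV",
    "mB3_rT9xKc2-LpW7qZ4vNs8yHd1eFj6gAo5uIi0tRw3kE",
    "Zt8kQ1-vN5mXp3_Lc7bY2rD9wHs4eJ6fG0aU3iO5nK8yM",
    "Hd2pL7-wV4xQ9_kM1nB6cR3tZ8sF5yA0eG7jU2iO4vK6q",
]


def estimated_bits(token):
    """Upper bound on the token's entropy: log2(alphabet) per character, with the
    alphabet inferred from the character classes present. A real generator can
    only be worse than this, so a low number here is conclusive."""
    alphabet = 0
    if re.search(r"[0-9]", token):
        alphabet += 10
    if re.search(r"[a-z]", token):
        alphabet += 26
    if re.search(r"[A-Z]", token):
        alphabet += 26
    if re.search(r"[^0-9A-Za-z]", token):
        alphabet += 6          # typical URL-safe symbols such as - _ . = /
    return len(token) * math.log2(alphabet) if alphabet else 0.0


def as_int(token):
    """Interpret a decimal or hex-looking token as an integer, else None."""
    if re.fullmatch(r"[0-9]+", token):
        return int(token)
    if re.fullmatch(r"[0-9a-fA-F]+", token):
        return int(token, 16)
    return None


def looks_like_timestamp(token):
    """True if the token is a Unix epoch value (seconds or milliseconds)
    between 2000-01-01 and 2100-01-01."""
    value = as_int(token)
    if value is None:
        return False
    return any(946_684_800 <= value / divisor <= 4_102_444_800 for divisor in (1, 1000))


def looks_sequential(tokens, max_step=1000):
    """True if every token is numeric and each is a little larger than the last,
    the signature of a database counter or a clock."""
    values = [as_int(t) for t in tokens]
    if len(values) < 2 or any(v is None for v in values):
        return False
    return all(0 < b - a <= max_step for a, b in zip(values, values[1:]))


def assess(tokens, min_bits=128):
    """Return a list of findings; an empty list means none of these specific
    weaknesses was detected, which is not by itself proof of a strong generator."""
    findings = []
    weakest = min(estimated_bits(t) for t in tokens)
    if weakest < min_bits:
        findings.append(f"token too short: at most {weakest:.0f} bits, want >= {min_bits}")
    if any(looks_like_timestamp(t) for t in tokens):
        findings.append("token is an epoch timestamp")
    if looks_sequential(tokens):
        findings.append("tokens increase monotonically (counter or clock)")
    if len(set(tokens)) != len(tokens):
        findings.append("same token issued for more than one request")
    return findings


if __name__ == "__main__":
    for name, batch in (("counter", WEAK_COUNTER), ("timestamp", WEAK_TIMESTAMP), ("strong", STRONG)):
        print(name, assess(batch) or ["no weakness detected"])
```

Run it against tokens pulled from the reset emails of your test account; a batch that passes these checks still needs the server-side properties (single use, expiry, binding to the account) confirmed by hand, since those are not visible in the token itself.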

📡 Detection & Monitoring

Log Indicators:

  • Unusual volume of password reset requests
  • Password reset attempts from suspicious IPs
  • Multiple failed password reset attempts for same account

Network Indicators:

  • Unusual patterns in password reset API calls
  • Requests manipulating password reset parameters

SIEM Query:

source="olive_vle" AND event="password_reset" AND (count > 10 OR (status="success" AND NOT ip IN trusted_ips))

The query is pseudo-syntax: `count > 10` stands for a per-source-IP count of reset events over a time window and has to be expressed with the SIEM's own aggregation step, and `trusted_ips` is a lookup of known-good address ranges. Without the outer parentheses, the second branch would match any successful reset regardless of source.
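The three log indicators above, implemented as detection logic over constructed sample log lines. This is an added example, not Olive VLE's own logging or tooling: the key=value line format, the trusted address ranges, and the thresholds are assumptions to be replaced with what the instance actually writes and what its traffic looks like.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Assumed key=value line layout; Olive VLE's real log format is not documented
# on this page, so adjust the regex to whatever the instance actually writes.
LINE = re.compile(
    r"^(?P<ts>\S+) event=(?P<event>\S+) user=(?P<user>\S+) "
    r"ip=(?P<ip>\S+) status=(?P<status>\S+)$"
)

# Constructed "trusted" ranges standing in for the SIEM query's trusted_ips list.
TRUSTED = [ip_network("10.0.0.0/8"), ip_network("192.0.2.0/24")]


def parse(line):
    """Return a dict for a matching log line, or None for anything else."""
    m = LINE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return rec


def is_trusted(ip):
    addr = ip_address(ip)
    return any(addr in net for net in TRUSTED)


def detect(lines, burst_threshold=10, burst_window=timedelta(minutes=5), fail_threshold=3):
    """Run the three indicators over chronologically ordered log lines and
    return a list of alert tuples."""
    alerts = []
    recent_by_ip = defaultdict(deque)   # sliding window of reset timestamps per source
    failures_by_user = defaultdict(int)
    burst_reported, targeting_reported = set(), set()

    for line in lines:
        rec = parse(line)
        if rec is None or rec["event"] != "password_reset":
            continue
        ts, ip, user, status = rec["ts"], rec["ip"], rec["user"], rec["status"]

        # Indicator 1: unusual volume of reset requests from one source IP.
        window = recent_by_ip[ip]
        window.append(ts)
        while ts - window[0] > burst_window:
            window.popleft()
        if len(window) > burst_threshold and ip not in burst_reported:
            burst_reported.add(ip)
            alerts.append(("burst", ip, len(window)))

        # Indicator 2: successful reset from outside the trusted ranges.
        if status == "success" and not is_trusted(ip):
            alerts.append(("untrusted_success", ip, user))

        # Indicator 3: repeated failed resets against the same account.
        if status == "failure":
            failures_by_user[user] += 1
            if failures_by_user[user] >= fail_threshold and user not in targeting_reported:
                targeting_reported.add(user)
                alerts.append(("account_targeting", user, failures_by_user[user]))
    return alerts


# Constructed sample: a benign reset from an internal address, then a burst of
# failed resets from one external address ending in a success for "alice".
SAMPLE_LOG = [
    "2024-10-15T10:00:00Z event=login user=bob ip=10.0.0.5 status=success",
    "2024-10-15T10:00:05Z event=password_reset user=bob ip=10.0.0.5 status=success",
] + [
    f"2024-10-15T10:01:{s:02d}Z event=password_reset user=user{s} ip=198.51.100.7 status=failure"
    for s in range(11)
] + [
    f"2024-10-15T10:01:{s:02d}Z event=password_reset user=alice ip=198.51.100.7 status=failure"
    for s in (11, 12, 13)
] + [
    "2024-10-15T10:01:14Z event=password_reset user=alice ip=198.51.100.7 status=success",
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

On an internet-facing instance nearly every legitimate reset arrives from an untrusted address, so the second indicator on its own is noisy; it becomes useful when correlated with the other two, for example a success from a source that was just seen bursting or failing against the same account, as in the sample.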

🔗 References
