What is CVE-2017-8295?

CVE-2017-8295 is tracked as a Vulnerability issue affecting the Core WordPress.

Which WordPress versions are affected?

The primary affected range is Versions before 5.5.

How should operators remediate CVE-2017-8295?

Update to 5.5 or newer where that release is compatible with the site.

Vulnerability Report

Core Medium Patch path listed CVE-2017-8295

Wordpress Core < 5.5 - Unauthorized Password Reset via Interception

WordPress up to version 5.5 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?action=lostpassword request and then arranging for this message to bounce or be resent, leading to transmission of the reset key to a mailbox on an attacker-controlled SMTP server. This is related to problematic use of the SERVER_NAME variable in wp-includes/pluggable.php in conjunction with the PHP mail function. Exploitation is not achievable in all cases because it requires at least one of the following: (1) the attacker can prevent the victim from receiving any e-mail messages for an extended period of time (such as 5 days), (2) the victim's e-mail system sends an autoresponse containing the original message, or (3) the victim manually composes a reply containing the original message.

Quick Answer

CVE-2017-8295 is a medium severity with CVSS 5.9 Vulnerability issue affecting the Core WordPress. It affects Versions before 5.5 and is fixed in 5.5.

Back to Feed Open CVE Reference

Published

May 03, 2017

Last Updated

Feb 15, 2024

Slug

wordpress

Risk Profile

5.9 CVSS Score

Weakness

Weak Password Recovery Mechanism for Forgotten Password

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Researchers

Dawid Golunski

Operational Summary

What the operator needs to know

Share Email

Patch Status

Patched release is available

Remediation

Update to version 5.5, or a newer patched version

Operator Briefing

CVE-2017-8295 is tracked for the Core WordPress as medium severity with CVSS 5.9. The affected range is Versions before 5.5. Update WordPress to 5.5 or newer where that version is compatible with the site.

Issue Type

Vulnerability

Primary Fixed Version

5.5

Primary Affected Range

Versions before 5.5

Tracking ID

CVE-2017-8295

References

https://www.wordfence.com/threat-intel/vulnerabilities/id/254b5dd2-c3d9-45d9-8328-6cc8ef29c9db?source=api-prod

Detailed Metadata

Software Type	Core
Software Slug	wordpress
CVE	CVE-2017-8295
Patched Versions	5.5
Affected Versions	Versions before 5.5

Licensing Notices

This record contains material that is subject to copyright

DEFIANT

License: Defiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy. Read more

MITRE

License: CVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy. Read more