CVE-2024-51478 — AI Deep Analysis Summary

🚨 **Essence**: YesWiki < 4.4.5 has a critical encryption flaw. 📉 **Consequences**: Attackers can recover password reset keys. This leads to unauthorized account takeover and full system compromise. 💥

🛡️ **Root Cause**: CWE-327 (Use of a Broken/Risky Cryptographic Algorithm). 🐛 **Flaw**: Weak encryption + Hardcoded hashing for password reset keys. 🔑 The keys are predictable and reversible.

🏢 **Vendor**: YesWiki (French Wiki System). 💻 **Product**: YesWiki. 📅 **Affected**: Versions **before 4.4.5**. ⚠️ If you are running 4.4.4 or older, you are vulnerable.

🕵️ **Hacker Action**: Recover the hardcoded reset key. 🔄 Use it to reset ANY user's password. 🔓 **Privileges**: Full account access. 📊 **Data**: Complete confidentiality breach (C:H) and integrity loss (I:L).

📉 **Threshold**: LOW. 🌐 **Auth**: None required (PR:N). 🖱️ **UI**: None required. 🚀 **Complexity**: Low (AC:L). It is an easy, remote exploit for anyone.

🚫 **Public Exploit**: No specific PoC code provided in data. 📜 **References**: GitHub commits and GHSA advisory exist.…

🔍 **Check**: Verify your YesWiki version. 📋 **Scan**: Look for version < 4.4.5. 🧪 **Test**: Check if password reset functionality uses the weak/hardcoded hash mechanism described in the advisory.…

✅ **Fixed**: Yes. 📦 **Patch**: Upgrade to **YesWiki 4.4.5** or later. 🔗 **Source**: See GitHub commits and GHSA-4fvx-h823-38v3 for official fix details. 🔄 Immediate update recommended.

🚧 **Workaround**: If you cannot upgrade immediately: 1. Disable public password reset if possible. 2. Monitor admin logs for suspicious reset attempts. 3. Isolate the instance from the internet.…

🔥 **Urgency**: HIGH. 🚨 **Priority**: Critical. ⚡ CVSS Score indicates High Confidentiality impact. 🏃‍♂️ **Action**: Patch immediately. This allows easy account takeover without authentication.