Description
EspoCRM 5.7.0 prior to 5.9.0 contains an authentication token reuse vulnerability that allows authenticated attackers to bypass two-factor authentication by exploiting token-to-password-hash mapping in application/Espo/Core/Utils/Authentication/Espo.php. Attackers can obtain an authentication token for a controlled account and replay it against any victim account sharing the same password, since tokens are bound to password hashes rather than unique per-user values, bypassing the victim's 2FA protections.
Published: 2026-02-03
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 10 Jul 2026 14:45:00 +0000

Type Values Removed Values Added
Description EspoCRM 5.8.5 contains an authentication vulnerability that allows attackers to access other user accounts by manipulating authorization headers. Attackers can decode and modify Basic Authorization and Espo-Authorization tokens to gain unauthorized access to administrative user information and privileges. EspoCRM 5.7.0 prior to 5.9.0 contains an authentication token reuse vulnerability that allows authenticated attackers to bypass two-factor authentication by exploiting token-to-password-hash mapping in application/Espo/Core/Utils/Authentication/Espo.php. Attackers can obtain an authentication token for a controlled account and replay it against any victim account sharing the same password, since tokens are bound to password hashes rather than unique per-user values, bypassing the victim's 2FA protections.
Title EspoCRM 5.8.5 - Privilege Escalation EspoCRM 5.7.0 < 5.9.0 - Two-Factor Authentication Bypass via Auth Token Reuse Between Accounts with Identical Passwords
Weaknesses CWE-303
CPEs cpe:2.3:a:espocrm:espocrm:5.8.5:*:*:*:*:*:*:*
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N'}

cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}


Thu, 05 Mar 2026 02:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:espocrm:espocrm:5.8.5:*:*:*:*:*:*:*

Tue, 03 Mar 2026 15:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:espocrm:espocrm:*:*:*:*:*:*:*:*

Wed, 04 Feb 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 04 Feb 2026 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Espocrm
Espocrm espocrm
Vendors & Products Espocrm
Espocrm espocrm

Tue, 03 Feb 2026 22:15:00 +0000

Type Values Removed Values Added
Description EspoCRM 5.8.5 contains an authentication vulnerability that allows attackers to access other user accounts by manipulating authorization headers. Attackers can decode and modify Basic Authorization and Espo-Authorization tokens to gain unauthorized access to administrative user information and privileges.
Title EspoCRM 5.8.5 - Privilege Escalation
Weaknesses CWE-639
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-07-15T01:24:24.326Z

Reserved: 2026-02-01T13:16:06.487Z

Link: CVE-2020-37094

cve-icon Vulnrichment

Updated: 2026-02-04T19:36:36.403Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-03T22:16:25.673

Modified: 2026-06-17T03:16:57.420

Link: CVE-2020-37094

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-02-04T12:05:01Z

Weaknesses