OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password operation. This allows any authenticated user to change the password of any other user, including the Administrator account.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HOpentext Bizmanager
APPOpentext< 16.6.0.1
Powiązane podatności
A Remote Gain Privileged Access vulnerability in HPE Vertica Analytics Platform version v4.1 and later was fou...
OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versio...
OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote attackers to execute arbitrary commands ...
The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1....
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText...