Detect date
?
|
12/23/2015 |
Severity
?
|
Critical |
Description
|
An unspecified vulnerability was found in Dovestones AD Self Password Reset. By exploiting this vulnerability malicious users can reset arbitrary passwords. This vulnerability can be exploited remotely via a specially designed request. Technical details This vulnerability related to PasswordReset.Controllers.ResetController.ChangePasswordIndex method in PasswordReset.dll and can be triggered by attacker with valid username only. |
Affected products
|
Dovestones AD Self Password Reset versions earlier than 3.0.4.0 |
Solution
|
Update to the latest version |
Original advisories
|
|
Impacts
?
|
SB [?] |
Related products
|
Dovestones AD Self Password Reset |
CVE-IDS
?
|
|
Find out the statistics of the vulnerabilities spreading in your region |