English
Russian
Japanese
LatAm
Türkiye
Brasil
France
Český
Deutschland
KLA10726
Security bypass vulnerability in Dovetones AD Self Password Reset
Updated: 06/03/2020
|
Detect date
?
|
12/23/2015 |
|
Severity
?
|
Critical |
|
Description
|
An unspecified vulnerability was found in Dovestones AD Self Password Reset. By exploiting this vulnerability malicious users can reset arbitrary passwords. This vulnerability can be exploited remotely via a specially designed request. Technical details This vulnerability related to PasswordReset.Controllers.ResetController.ChangePasswordIndex method in PasswordReset.dll and can be triggered by attacker with valid username only. |
|
Affected products
|
Dovestones AD Self Password Reset versions earlier than 3.0.4.0 |
|
Solution
|
Update to the latest version |
|
Original advisories
|
|
|
Impacts
?
|
SB [?] |
|
Related products
|
Dovestones AD Self Password Reset |
|
CVE-IDS
?
|
|
| Find out the statistics of the vulnerabilities spreading in your region |