Lucene search
HistoryDec 15, 2015 - 9:59 p.m.
CVE-2015-8570
lepide
active directory
password reset
remote authentication
vulnerability
7.4 High
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:S/C:C/I:C/A:C
6.6 Medium
AI Score
Confidence
Low
0.141 Low
EPSS
Percentile
95.7%
The password reset functionality in Lepide Active Directory Self Service allows remote authenticated users to change arbitrary domain user passwords via a crafted request.
Affected configurations
Node
lepideactive_directory_self_serviceMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| lepide:active_directory_self_service | lepide active directory self service | eq | - |
Related
nvd
nvd
CVE-2015-8570
2015-12-15 21:59:11
prion
prion
Cross site request forgery (csrf)
2015-12-15 21:59:00
cvelist
cvelist
CVE-2015-8570
2015-12-15 21:00:00
7.4 High
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:S/C:C/I:C/A:C
6.6 Medium
AI Score
Confidence
Low
0.141 Low
EPSS
Percentile
95.7%
Related for CVE-2015-8570