Lucene search

K
cvelistRedhatCVELIST:CVE-2017-12197
HistoryJan 18, 2018 - 9:00 p.m.

CVE-2017-12197

2018-01-1821:00:00
CWE-863
redhat
www.cve.org

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.5%

It was found that libpam4j up to and including 1.8 did not properly validate user accounts when authenticating. A user with a valid password for a disabled account would be able to bypass security restrictions and possibly access sensitive information.

CNA Affected

[
  {
    "product": "libpam4j",
    "vendor": "Red Hat, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "up to and including 1.8"
      }
    ]
  }
]

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.5%