Buffer overflow

2019-02-1318:29:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

75.2%

JSON

OpenAM (Open Source Edition) 13.0 and later does not properly manage sessions, which allows remote authenticated attackers to change the security questions and reset the login password via unspecified vectors.

CPENameOperatorVersion
openamge13.0
openamle13.0.0

CPE	Name	Operator	Version
	openam	ge	13.0
	openam	le	13.0.0

References

jvn.jp/en/jp/JVN49995005/index.html

www.cs.themistruct.com/report/wam20181012

www.osstech.co.jp/support/am2018-4-1-en