9 matches found
CVE-2021-44153
An issue was discovered in Reprise RLM 14.2. When editing the license file, it is possible for an admin user to enable an option to run arbitrary executables, as demonstrated by an ISV demo "C:\Windows\System32\calc.exe" entry. An attacker can exploit this to run a malicious binary on startup, or...
CVE-2021-44152
An issue was discovered in Reprise RLM 14.2. Because /goform/changepasswordprocess does not verify authentication or authorization, an unauthenticated user can change the password of any existing user. This allows an attacker to change the password of any known user, thereby preventing valid user...
CVE-2021-44151
An issue was discovered in Reprise RLM 14.2. As the session cookies are small, an attacker can hijack any existing sessions by bruteforcing the 4 hex-character session cookie on the Windows version the Linux version appears to have 8 characters. An attacker can obtain the static part of the cooki...
CVE-2021-44154
An issue was discovered in Reprise RLM 14.2. By using an admin account, an attacker can write a payload to /goform/editopt, which will then be triggered when running the diagnostics via /goform/diagnosticsdoit, resulting in a buffer overflow...
Design/Logic Flaw
An issue was discovered in /goform/loginprocess in Reprise RLM 14.2. When an attacker attempts to login, the response if a username is valid includes Login Failed, but does not include this string if the username is invalid. This allows an attacker to enumerate valid users...
Cross site request forgery (csrf)
An issue was discovered in Reprise RLM 14.2. As the session cookies are small, an attacker can hijack any existing sessions by bruteforcing the 4 hex-character session cookie on the Windows version the Linux version appears to have 8 characters. An attacker can obtain the static part of the cooki...
CVE-2021-44153
CVE-2021-44153 affects Reprise License Manager (RLM) 14.2. An admin user can enable an option while editing the license file to run arbitrary executables, demonstrated by the ISV entry using calc.exe. An attacker can exploit this to run a malicious binary on startup or when triggering the Reread/...
CVE-2021-44152
An issue was discovered in Reprise RLM 14.2. Because /goform/changepasswordprocess does not verify authentication or authorization, an unauthenticated user can change the password of any existing user. This allows an attacker to change the password of any known user, thereby preventing valid user...
CVE-2021-44155
An issue was discovered in /goform/loginprocess in Reprise RLM 14.2. When an attacker attempts to login, the response if a username is valid includes Login Failed, but does not include this string if the username is invalid. This allows an attacker to enumerate valid users...