2 matches found
IBM Aspera Orchestrator Unverified Password Change Vulnerability
IBM Aspera Orchestrator is an automated workflow engine focused on managing file transfers and processing tasks. An unauthenticated password change vulnerability exists in IBM Aspera Orchestrator, which can be exploited by an attacker to make unauthorized changes to other users' passwords...
CVE-2024-20419
A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process...