CVE-2021-1522
CVE-2021-1522 describes a weakness in Cisco Connected Mobile Experiences (CMX) where the server-side change-password API does not sufficiently enforce the configured password policy. An authenticated, remote attacker could use a crafted API request to change their own password to a value that vio...