4 matches found
Apache Archiva < 2.2.8 Improper Authorization Vulnerability
Apache Archiva is prone to an improper authorization vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2022-29405
CVE-2022-29405 concerns Apache Archiva. Affected: Archiva; Issue: any registered user can reset the password for any user due to improper authorization. Impact stated as password reset capability for other users. Mitigation: upgrade to Archiva 2.2.8 (fix mentioned in release notes). If details va...
CVE-2022-29405 Apache Archiva Arbitrary user password reset vulnerability
In Apache Archiva, any registered user can reset password for any users. This is fixed in Archiva 2.2.8...
CVE-2022-29405 Apache Archiva Arbitrary user password reset vulnerability
In Apache Archiva, any registered user can reset password for any users. This is fixed in Archiva 2.2.8...