12 matches found
EUVD-2002-0704
Malware in sbrugna...
CVE-2024-1040
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device...
Error: "Could not update master user list" while changing LDAP Config
Error on XenMobile Server- Could not update master user list error: "Could not update master user list" while changing LDAP Config...
dovecot: Privilege escalation when similar master and non-master passdbs are used
A vulnerability was found in the Dovecot IMAP Server. When two passdb configuration entries exist in the Dovecot configuration, which have the same driver and args settings, the incorrect usernamefilter and mechanism settings can be applied to passdb definitions. These incorrect settings can lead...
CVE-2022-36803
The MasterUserEdit API in Atlassian Jira Align Server before version 10.109.2 allows An authenticated attacker with the People role permission to use the MasterUserEdit API to modify any users role to Super Admin. This vulnerability was reported by Jacob Shafer from Bishop Fox...
Dovecot IMAP Server 2.2 Improper Access Control Vulnerability
Dovecot IMAP server version 2.2 suffers from a privilege escalation vulnerability. When two passdb configuration entries exist in the Dovecot configuration, which have the same driver and args settings, the incorrect usernamefilter and mechanism settings can be applied to passdb definitions. Thes...
CVE-2020-8001
The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account...
Error "Could not update master user list" while saving the LDAP Configuration on XenMobile server
Unable to save LDAP configuration and getting Error "Could not update master user list" For sample logs: 2017-08-21T09:21:30.411-0700 | 3811F15F6AE686BC | INFO | http-nio-14443-exec-11 | com.citrix.cg.identity.ldap.LdapManager | Given baseDN 'dc=domain,dc=example,dc=com'is valid:true...
Master User, versions before 2.1.4
Versions before 2.1.4 suffered from an issue with insecure default settings, the issue affects Joomla 3.4 sites only, but users are advised by the developer to update anyway. Resolution: Update to version 2.1.4 Update notice URL:...
CVE-2002-0712
Entrust Authority Security Manager EASM 6.0 does not properly require multiple master users to change the password of a master user, which could allow a master user to perform operations that require multiple authorizations...
Entrust Authority Security Manager (EASM) does not enforce multiple authorization requirement for master user password change
Overview Entrust Authority Security Manager contains a vulnerability that could allow a master user to change the password of another master user. A master user could exploit this vulnerability to perform operations that otherwise require authorization by multiple master users. Description Entrus...
Bing Bar v7 MU key does NOT exist
...