Reprise License Manager Security Vulnerabilities and Issues — Reprise License Manager CVE List

Lucene search

ReprisesoftwareReprise License Manager

3 matches found

CVE•added 2021/12/13 4:15 a.m.•54 views

CVE-2021-44152

An issue was discovered in Reprise RLM 14.2. Because /goform/change_password_process does not verify authentication or authorization, an unauthenticated user can change the password of any existing user. This allows an attacker to change the password of any known user, thereby preventing valid user...

9.8CVSS9.6AI score0.86671EPSS

CVE•added 2018/08/20 2:29 a.m.•47 views

CVE-2018-15573

An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. Attackers can use the web interface to read and write data to any file on disk (as long as rlm.exe has access to it) via /goform/edit_lf_process with file content in the lfdata parameter and a pathname in the lf parameter. By...

9.3CVSS7.5AI score0.0026EPSS

CVE•added 2021/12/13 4:15 a.m.•46 views

CVE-2021-44153

An issue was discovered in Reprise RLM 14.2. When editing the license file, it is possible for an admin user to enable an option to run arbitrary executables, as demonstrated by an ISV demo "C:\Windows\System32\calc.exe" entry. An attacker can exploit this to run a malicious binary on startup, or w...

9CVSS7.6AI score0.0082EPSS