Lucene search
Veracode Vulnerability DatabaseVERACODE:4306HistoryMay 26, 2017 - 8:29 a.m.
Unauthorized Password Change
2017-05-2608:29:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.001 Low
EPSS
Percentile
34.9%
dolibarr/dolibarr is vulnerable to unauthorized password changes. The library does not require the current password for validation before changing to a new password, allowing a malicious user to obtain access to an unattended workstation.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dolibarr/dolibarr | le | 5.0.2 | |
| dolibarr/dolibarr | le | 5.0.2 |
Related
ubuntucve
ubuntucve
CVE-2017-8879
2017-05-10 00:00:00
osv
osv
CVE-2017-8879
2017-05-10 14:29:00
Dolibarr allows password changes without supplying the current password
2022-05-13 01:47:44
github
github
Dolibarr allows password changes without supplying the current password
2022-05-13 01:47:44
prion
prion
Design/Logic Flaw
2017-05-10 14:29:00
nvd
nvd
CVE-2017-8879
2017-05-10 14:29:00
cve
cve
CVE-2017-8879
2022-10-03 16:23:06
cvelist
cvelist
CVE-2017-8879
2022-10-03 16:23:06
openvas
openvas
Dolibarr <= 4.0.4 Multiple Vulnerabilities - Active Check
2017-05-15 00:00:00