CVE-2017-2614

CVE-2017-2614

When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts.

Source: CVE-2017-2614

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다