Chris Mayhew

**Name of the Vulnerable Software and Affected Versions** HR Systems Strategies info:HR HRIS version 7.9 **Description** The issue allows local users to bypass intended database restrictions. This is achieved by accessing the `USERPW` registry key and bypassing an unspecified obfuscation technique, which does not properly protect the database password. **Recommendations** For HR Systems Strategies info:HR HRIS version 7.9, consider restricting access to the `USERPW` registry key to minimize the risk of exploitation. Additionally, review and enhance the database password protection mechanism to prevent unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.