PT-2006-2626 · Adobe · Livecycle Forum Manager+1

Publicado

2006-04-13

Atualizado

2017-07-20

CVE-2006-1628

CVSS v2.0

4.6

Média

Vetor

AV:N/AC:H/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Adobe LiveCycle Workflow version 7.01 Adobe LiveCycle Forum Manager version 7.01

Description: The issue allows users to authenticate and perform privileged actions when their account is marked as "OBSOLETE" but the account is also active within the authentication system.

Recommendations: For Adobe LiveCycle Workflow version 7.01, update the authentication system to correctly handle "OBSOLETE" accounts. For Adobe LiveCycle Forum Manager version 7.01, ensure that accounts marked as "OBSOLETE" are properly deactivated to prevent unauthorized access.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-1628

Produtos afetados

Livecycle Forum Manager

Livecycle Workflow

PT-2006-2626 · Adobe · Livecycle Forum Manager+1

CVE-2006-1628

Identificadores relacionados

Produtos afetados

Referências · 7