PT-2017-3114 · Interspire · Interspire Email Marketer

Devcoinfet · Published 2017-09-12 · Updated 2019-05-10 · CVE-2017-14322

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Interspire Email Marketer (IEM) versions prior to 6.1.6

Description

The issue is related to a weakness in the user registration check function in the init.php script of Interspire Email Marketer (IEM), which is associated with deficiencies in the authentication procedure. This can be exploited by a remote attacker to bypass the authentication procedure and gain administrative access by using a specially crafted IEM CookieLogin cookie.

Recommendations

For versions prior to 6.1.6, update to version 6.1.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the IEM CookieLogin cookie to minimize the risk of exploitation.

Exploit

Fix

Improper Authentication

Weakness Enumeration

Related identifiers

BDU:2017-02512
CVE-2017-14322

Affected products

Interspire Email Marketer