Redblaze

**Name of the Vulnerable Software and Affected Versions** MinMax CMS (affected versions not specified) **Description** The issue is related to a hidden administrator account with a fixed password in MinMax CMS. This account cannot be removed or disabled from the management interface, allowing remote attackers to bypass IP access control restrictions and log in to the backend system without being recorded in the system logs. The exploitation of this issue may enable a remote attacker to gain access to the account and enter the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenText PVCS Version Manager versions prior to 8.6.3.3 **Description** The issue is related to weak access control in OpenText PVCS Version Manager, which allows potential bypassing of authentication and download of files. This could lead to unauthorized access to sensitive data. **Recommendations** For versions prior to 8.6.3.3, update to version 8.6.3.3 as soon as possible to prevent remote attacks.

**Name of the Vulnerable Software and Affected Versions** OpenText PVCS Version Manager (affected versions not specified) **Description** Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication and uploading of files. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.