Vladislav Volozhenko

**Name of the Vulnerable Software and Affected Versions** Versions prior to the fix where the 'Bind password' value is reset on 'Host' change. **Description** A Super Admin account can potentially leak the LDAP 'Bind password' value by changing the LDAP 'Host' to a rogue LDAP server. The 'Bind password' value cannot be read after saving, but this manipulation allows unauthorized access. The issue is mitigated by resetting the 'Bind password' value when the 'Host' is changed. **Recommendations** Ensure the 'Bind password' value is reset on 'Host' change.

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A passback vulnerability relates to office or small office multifunction printers and laser printers. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.