PT-2006-2626 · Adobe · Livecycle Forum Manager+1

Published

2006-04-13

Updated

2017-07-20

CVE-2006-1628

CVSS v2.0

4.6

Medium

Vector

AV:N/AC:H/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Adobe LiveCycle Workflow version 7.01 Adobe LiveCycle Forum Manager version 7.01

Description: The issue allows users to authenticate and perform privileged actions when their account is marked as "OBSOLETE" but the account is also active within the authentication system.

Recommendations: For Adobe LiveCycle Workflow version 7.01, update the authentication system to correctly handle "OBSOLETE" accounts. For Adobe LiveCycle Forum Manager version 7.01, ensure that accounts marked as "OBSOLETE" are properly deactivated to prevent unauthorized access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-1628

Affected Products

Livecycle Forum Manager

Livecycle Workflow

PT-2006-2626 · Adobe · Livecycle Forum Manager+1

CVE-2006-1628

Related Identifiers

Affected Products

References · 7