PT-2014-2626 · Microsoft+1 · Internet Explorer+1

Published: 2014-01-29 · Updated: 2014-02-21 · CVE-2013-2747

CVSS v2.0: 6.5 (Medium)

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions

Courion Access Risk Management Suite version 8 Update 9

Description

The issue concerns the password reset feature, which allows remote authenticated users to bypass intended Internet Explorer usage restrictions. This can be achieved by utilizing keyboard shortcuts to navigate the file system and open a command prompt, ultimately enabling the execution of arbitrary commands.

Recommendations

For Courion Access Risk Management Suite version 8 Update 9, consider restricting access to the password reset feature until a fix is available, and limit the use of keyboard shortcuts within the application to minimize the risk of exploitation.

Fix

Weakness Enumeration

Related Identifiers

CVE-2013-2747

Affected Products

Courion Access Risk Management Suite
Internet Explorer