PT-2017-17887 · Apache · Apache Openmeetings

Published

2017-07-14

·

Updated

2022-05-13

·

CVE-2017-7688

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Apache OpenMeetings versions prior to 3.3.0
Description The issue concerns an insecure manner of updating user passwords. This problem is fixed in version 3.3.0.
Recommendations For versions prior to 3.3.0, update to version 3.3.0 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2017-7688
GHSA-XHJ7-JR45-5W8R

Affected Products

Apache Openmeetings