PT-2024-13025 · Win Zapp · Win Zapp
Published
2024-03-26
·
Updated
2024-10-17
·
CVE-2023-41972
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Win ZApp versions prior to 4.3.0.121
Description
The issue is related to a missing password type validation in the Revert Password check. This could be disabled for some features, potentially leading to security issues.
Recommendations
For versions prior to 4.3.0.121, update to Win ZApp version 4.3.0.121 or later to resolve the issue. As a temporary workaround, consider restricting access to the Revert Password feature until the update is applied.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Win Zapp