PT-2024-13077 · Reprise · Reprise License Manager

Mohaiman Rahim · Published 2024-02-03 · Updated 2025-05-15 · CVE-2023-43183

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Reprise License Manager version 15.1

Description

The issue allows read-only users to arbitrarily change the password of an admin and hijack their account due to incorrect access control in Reprise License Management Software.

Recommendations

For Reprise License Manager version 15.1, consider restricting access to password change functionality for read-only users until a patch is available. As a temporary workaround, monitor account activity closely to detect potential hijacking attempts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2023-43183

Affected Products

Reprise License Manager