CVE-2023-7265

Name of the Vulnerable Software and Affected Versions Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP versions prior to 15.84 Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP versions prior to 16.15 Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP versions prior to 17.2

Description The issue affects the user management system, allowing a logged-in user to change the password of any user, including the root user, which could lead to privilege escalation. Successful exploitation of this vulnerability may affect availability.

Recommendations For versions prior to 15.84, update to version 15.84 or later to resolve the issue. For versions prior to 16.15, update to version 16.15 or later to resolve the issue. For versions prior to 17.2, update to version 17.2 or later to resolve the issue.