Security Advisory

CVE-2007-6547

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-12-28 00:00:00

Last updated 2024-08-07 16:11:05

Assigner mitre

State PUBLISHED

Description

RunCMS before 1.6.1 does not require entry of the old password during a password change, which allows context-dependent attackers to change passwords upon obtaining temporary access to a session.

← Browse all CVEs View on cve.org ↗