Security Advisory

CVE-2021-44839

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-01-18 19:19:35

Last updated 2024-08-04 04:32:13

Assigner mitre

State PUBLISHED

Description

An issue was discovered in Delta RM 1.2. It is possible to request a new password for any other account using the account ID. Using the /listes/DTsendmaildata/adm_utilisateur/send-mail.json endpoint, a user can send a JSON array with user IDs that will have their passwords reset (and new ones sent to their respective e-mail addresses).

← Browse all CVEs View on cve.org ↗