CVE-2024-7265
Aug. 7, 2024, 3:17 p.m.
Tags
Product(s) Impacted
Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP
- 15 - 15.83
- 16 - 16.14
- 17 - 17.1
Description
Incorrect User Management vulnerability in Naukowa i Akademicka Sie? Komputerowa - Pa?stwowy Instytut Badawczy EZD RP allows logged-in user to change the password of any user, including root user, which could lead to privilege escalation. This issue affects EZD RP: from 15 before 15.84, from 16 before 16.15, from 17 before 17.2.
Weaknesses
CWE-286
Incorrect User Management
The product does not properly manage a user within its environment.
CWE ID: 286Date
Published: Aug. 7, 2024, 11:15 a.m.
Last Modified: Aug. 7, 2024, 3:17 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cvd@cert.pl