Bypassing Password-Change Restrictions in EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0

Bypassing Password-Change Restrictions in EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0

CVE-2016-0912 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 allows remote authenticated users to bypass intended password-change restrictions by leveraging access to (1) a different account with the same role as a target account or (2) an account's session at an unattended workstation.

Learn more about our User Device Pen Test.