Authentication Bypass Vulnerability in libpam4j 1.8

Authentication Bypass Vulnerability in libpam4j 1.8

CVE-2017-12197 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

It was found that libpam4j up to and including 1.8 did not properly validate user accounts when authenticating. A user with a valid password for a disabled account would be able to bypass security restrictions and possibly access sensitive information.

Learn more about our User Device Pen Test.