Insufficient Authorization Checks Allow Unauthorized Profile Data Modification in Pleasant Password Server (before 7.8.3)

Insufficient Authorization Checks Allow Unauthorized Profile Data Modification in Pleasant Password Server (before 7.8.3)

CVE-2017-17708 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

Because of insufficient authorization checks it is possible for any authenticated user to change profile data of other users in Pleasant Password Server before 7.8.3.

Learn more about our Cis Benchmark Audit For Server Software.