Insufficient Authorization Checks Allow Unauthorized Profile Data Modification in Pleasant Password Server (before 7.8.3)
CVE-2017-17708 · MEDIUM Severity
AV:N/AC:L/AU:S/C:N/I:P/A:N
Because of insufficient authorization checks it is possible for any authenticated user to change profile data of other users in Pleasant Password Server before 7.8.3.
Learn more about our Cis Benchmark Audit For Server Software.