Unauthenticated Password Change Vulnerability in Dolibarr ERP/CRM 4.0.4

CVE-2017-8879 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Dolibarr ERP/CRM 4.0.4 allows password changes without supplying the current password, which makes it easier for physically proximate attackers to obtain access via an unattended workstation.
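The missing control described above is re-authentication at the moment of the password change. The sketch below is an added example, not Dolibarr's code: the function names, the in-memory user store, the sample passwords and the 12-character minimum are all assumptions made for illustration. It shows a handler that trusts the session alone next to one that requires the current password.

```php
<?php
declare(strict_types=1);

// Constructed user store (username => password hash); stands in for the user table.
$users = ['alice' => password_hash('Old-Passw0rd!', PASSWORD_DEFAULT)];

// Weak form (hypothetical): any request made inside the session can set a new password.
function change_password_weak(array &$users, string $sessionUser, string $new): bool
{
    $users[$sessionUser] = password_hash($new, PASSWORD_DEFAULT);
    return true;
}

// Hardened form (hypothetical): the caller must prove knowledge of the current password.
// Returns [bool ok, string reason].
function change_password(array &$users, string $sessionUser,
                         string $current, string $new, string $confirm): array
{
    $hash = $users[$sessionUser] ?? null;
    if ($hash === null) {
        return [false, 'unknown user'];
    }
    // A valid session is not enough: verify the current password against the stored hash.
    if (!password_verify($current, $hash)) {
        return [false, 'current password incorrect'];
    }
    if ($new !== $confirm) {
        return [false, 'confirmation mismatch'];
    }
    // Assumed policy: at least 12 characters and different from the current password.
    if (strlen($new) < 12 || password_verify($new, $hash)) {
        return [false, 'new password too short or unchanged'];
    }
    $users[$sessionUser] = password_hash($new, PASSWORD_DEFAULT);
    return [true, 'changed'];
}

// Unattended-workstation case: the session is valid, the current password is not known.
[$ok, $why] = change_password($users, 'alice', '', 'Someone-Elses-Pw1!', 'Someone-Elses-Pw1!');
printf("no current password  : %s (%s)\n", $ok ? 'accepted' : 'rejected', $why);

// Account owner supplies the current password.
[$ok, $why] = change_password($users, 'alice', 'Old-Passw0rd!', 'New-Longer-Passw0rd!', 'New-Longer-Passw0rd!');
printf("with current password: %s (%s)\n", $ok ? 'accepted' : 'rejected', $why);
```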
