Password Change Vulnerability in Easy Hosting Control Panel (EHCP) v0.37.12.b

Password Change Vulnerability in Easy Hosting Control Panel (EHCP) v0.37.12.b

CVE-2018-6617 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

Easy Hosting Control Panel (EHCP) v0.37.12.b, when using a local MySQL server, allows attackers to change passwords of arbitrary database users by leveraging failure to ask for the current password.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.