Количество 2
Количество 2
CVE-2009-1596
Ignite Realtime Openfire before 3.6.5 does not properly implement the register.password (aka canChangePassword) console configuration setting, which allows remote authenticated users to bypass intended policy and change their own passwords via a passwd_change IQ packet.
GHSA-h5m2-8pmw-gmg7
Ignite Realtime Openfire before 3.6.5 does not properly implement the register.password (aka canChangePassword) console configuration setting, which allows remote authenticated users to bypass intended policy and change their own passwords via a passwd_change IQ packet.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2009-1596 Ignite Realtime Openfire before 3.6.5 does not properly implement the register.password (aka canChangePassword) console configuration setting, which allows remote authenticated users to bypass intended policy and change their own passwords via a passwd_change IQ packet. | CVSS3: 6.5 | 0% Низкий | больше 16 лет назад |
| GHSA-h5m2-8pmw-gmg7 Ignite Realtime Openfire before 3.6.5 does not properly implement the register.password (aka canChangePassword) console configuration setting, which allows remote authenticated users to bypass intended policy and change their own passwords via a passwd_change IQ packet. | CVSS3: 6.5 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу