Unrated severityNVD Advisory· Published Dec 24, 2012· Updated Jun 16, 2026
CVE-2012-5930
CVE-2012-5930
Description
The pa_modify_accounts function in auth.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 does not require authentication for the modifyAccounts method, which allows remote attackers to change the passwords of administrative accounts via a crafted application/x-amf request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:microfocus:privileged_user_manager:2.3.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microfocus:privileged_user_manager:2.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:microfocus:privileged_user_manager:2.3.1:*:*:*:*:*:*:*
- (no CPE)range: <2.3.1 HF2
Patches
Vulnerability mechanics
References
4- retrogod.altervista.org/9sg_novell_netiq_i.htmnvdExploit
- retrogod.altervista.org/9sg_novell_netiq_i_adv.htmnvdExploit
- www.netiq.com/support/kb/doc.phpnvdVendor Advisory
- download.novell.com/Downloadnvd
News mentions
0No linked articles in our index yet.