Unrated severityNVD Advisory· Published Jan 31, 2018· Updated Aug 5, 2024

CVE-2017-8916

Description

In Center for Internet Security CIS-CAT Pro Dashboard before 1.0.4, an authenticated user is able to change an administrative user's e-mail address and send a forgot password email to themselves, thereby gaining administrative access.

Affected products

Center for Internet Security/CIS-CAT Pro Dashboardllm-create
Range: <1.0.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cisecurity.org/cis-security-updates/incorrect-access-control-cve-2017-8916/mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000