| Titolo | SGS Intergard v. 8.7.0 Denial of service by mass updating all users with an arbitrary password chosen by the adversary. |
|---|
| Descrizione | Denial of service by mass updating all users with an arbitrary password chosen by the adversary.
With a valid user, whatever the privilege, it is possible to use the change password functionality of the user in question to strictly change the password of all system users in bulk to one chosen and known only by the attacker, leaving everyone without access to the system.
Company website: https://www.intergard.com.br/ |
|---|
| Fonte | ⚠️ https://www.youtube.com/watch?v=CtOFB-L1rOg |
|---|
| Utente | hiagomoura (UID 50347) |
|---|
| Sottomissione | 11/07/2023 04:26 (3 anni fa) |
|---|
| Moderazione | 18/07/2023 21:30 (8 days later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 234445 [Intergard SGS 8.7.0 Change Password negazione del servizio] |
|---|
| Punti | 16 |
|---|