Skip to main content

Active Directory Self Service CVE-2015-8570

HIGH
Permissions, Privileges, and Access Controls (CWE-264)
2015-12-15 cve@mitre.org
7.4
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
7.4 HIGH
AV:A/AC:M/Au:S/C:C/I:C/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:A/AC:M/Au:S/C:C/I:C/A:C
Attack Vector
Adjacent
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C

Lifecycle Timeline

1
CVE Published
Dec 15, 2015 - 21:59 cve.org
HIGH 7.4

DescriptionCVE.org

The password reset functionality in Lepide Active Directory Self Service allows remote authenticated users to change arbitrary domain user passwords via a crafted request.

AnalysisAI

The password reset functionality in Lepide Active Directory Self Service allows remote authenticated users to change arbitrary domain user passwords via a crafted request. Rated high severity (CVSS 7.4). No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-264. The password reset functionality in Lepide Active Directory Self Service allows remote authenticated users to change arbitrary domain user passwords via a crafted request. Affected products include: Lepide Active Directory Self Service.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2015-8570 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy