CVE-2006-1628
First published: Thu Apr 13 2006(Updated: )
Adobe LiveCycle Workflow 7.01 and LiveCycle Forum Manager 7.01 allows users to authenticate and perform privileged actions when their account is marked "OBSOLETE" but the account is also active, within the authentication system.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Livecycle Form Manager | =7.01 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2006-1628?
CVE-2006-1628 is considered to have a moderate severity level due to the potential for unauthorized access and privilege escalation.
How do I fix CVE-2006-1628?
To fix CVE-2006-1628, ensure that obsolete accounts are properly deactivated in the authentication system and apply any security patches provided by Adobe.
What software versions are affected by CVE-2006-1628?
CVE-2006-1628 affects Adobe LiveCycle Workflow 7.01 and LiveCycle Forum Manager 7.01.
What does CVE-2006-1628 allow an attacker to do?
CVE-2006-1628 allows an attacker to authenticate and perform privileged actions using an account that is marked as obsolete but still active.
Is there a workaround for CVE-2006-1628?
A potential workaround for CVE-2006-1628 is to regularly review and deactivate obsolete accounts to prevent unauthorized access.
- collector/nvd-historical
- vendor/adobe
- product/livecycle form manager
- canonical/adobe livecycle form manager
- collector/nvd-index
- agent/references
- agent/type
- agent/remedy
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/author
- agent/last-modified-date
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- version/adobe livecycle form manager/7.01