CVE-2019-11652
First published: Wed Aug 14 2019(Updated: )
A potential authorization bypass issue was found in Micro Focus Self Service Password Reset (SSPR) versions prior to: 4.4.0.3, 4.3.0.6, and 4.2.0.6. Upgrade to Micro Focus Self Service Password Reset (SSPR) SSPR versions 4.4.0.3, 4.3.0.6, or 4.2.0.6 as appropriate.
Credit: security@microfocus.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microfocus Netiq Self Service Password Reset | >=4.2.0.0<4.2.0.6 | |
| Microfocus Netiq Self Service Password Reset | >=4.3.0.0<4.3.0.6 | |
| Microfocus Netiq Self Service Password Reset | >=4.4.0.0<4.4.0.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.netiq.com/documentation/self-service-password-reset-42/release-notes-sspr42-p6/data/release-notes-sspr42-p6.html
- https://www.netiq.com/documentation/self-service-password-reset-43/release-notes-sspr-43-p3/data/release-notes-sspr-43-p3.html
- https://www.netiq.com/documentation/self-service-password-reset-44/release-notes-sspr-44-p3/data/release-notes-sspr-44-p3.html
- collector/nvd-index
- agent/author
- agent/references
- agent/severity
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- agent/event
- agent/type
- collector/mitre-cve
- source/MITRE
- vendor/microfocus
- canonical/microfocus netiq self service password reset
- version/microfocus netiq self service password reset/4.2.0.0
- version/microfocus netiq self service password reset/4.3.0.0
- version/microfocus netiq self service password reset/4.4.0.0