An issue discovered in Axigen Mail Server 10.3.x prior to 10.3.1.27 and 10.3.2.x prior to 10.3.3.1 allows unauthenticated malicious users to submit a setAdminPassword operation request, subsequently setting a new arbitrary password for the admin account.
Vulmon