An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unauthenticated malicious user to brute-force the password reset PINs of administrative users.
Unauthenticated attackers can exploit a weakness in the password reset functionality of the Visual Planning application in order to obtain access to arbitrary user accounts including administrators In case administrative (in the context of Visual Planning) accounts are compromised, attackers can install malicious modules into the application to ta ...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Title
=====
Status
======
PUBLISHED
Version
=======
10
CVE reference
=============
CVE-2023-49232
Link
====
wwwschutzwerkcom/advisories/schutzwerk-sa-2023-004/
Text-only version:
wwwschutzwerkcom/advisories/SCHUTZWERK-SA-2023-004txt
Affected products/vendor
========= ...