Summary
Dienstplan is prone to an insecure random password generation vulnerability.
Successfully exploiting this issue may allow an attacker to guess randomly generated passwords.
Versions prior to Dienstplan 2.3 are vulnerable.
Solution
Updates are available. Please see the references for more information.
References
Severity
Classification
-
CVSS Base Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P
Related Vulnerabilities
- @Mail 'admin.php' Cross-Site Scripting Vulnerabilities
- Adobe ColdFusion Multiple Vulnerabilities-03 May-2014
- AjaXplorer 'doc_file' Parameter Local File Disclosure Vulnerability
- @Mail 'MailType' Parameter Cross Site Scripting Vulnerability
- Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities