CVE-2017-7284

An attacker that has hijacked a Unitrends Enterprise Backup (before 9.1.2) web server session can leverage api/includes/users.php to change the password of the logged in account without knowing the current password. This allows for an account takeover.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
VendorProductVersion
unitrendsenterprise_backup
𝑥
≤ 9.1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://rhinosecuritylabs.com/research/remote-code-execution-bug-hunting-chapter-1/
https://rhinosecuritylabs.com/research/remote-code-execution-bug-hunting-chapter-1/