← back
CVE-2010-1910

CVE-2010-1910

EPSS 2.5%
The Forgot Password implementation in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote attackers to reset passwords of accounts with blank Hint questions and Hint answers by sending an empty value for each of these two Hint fields.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/39740http://wintercore.com/en/component/content/article/7-media/18-wintercore-releases-an-advisory-for-consona-products.htmlhttp://www.consona.com/Content/CRM/Support/SecurityBulletin_April2010.pdfhttp://www.kb.cert.org/vuls/id/602801http://www.securityfocus.com/archive/1/511176/100/0/threadedhttp://www.securityfocus.com/bid/40003