all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Visual Planning 8 Authentication Bypass

Add to bookmarks
April 5, 2024, 6:26 p.m. |

Packet Storm packetstormsecurity.com

Unauthenticated attackers can exploit a weakness in the password reset functionality of the Visual Planning application in order to obtain access to arbitrary user accounts including administrators. In case administrative (in the context of Visual Planning) accounts are compromised, attackers can install malicious modules into the application to take over the application server hosting the Visual Planning application. All versions prior to Visual Planning 8 (Build 240207) are affected.

access accounts administrators application attackers authentication authentication bypass bypass can case compromised context exploit hosting install malicious modules order password password reset planning reset server server hosting unauthenticated weakness

Visit resource

More from packetstormsecurity.com / Packet Storm

Wireshark Analyzer 4.2.5 2 days, 15 hours ago | packetstormsecurity.com
capture code commercial features +14
Packet Fence 13.2.0 2 days, 15 hours ago | packetstormsecurity.com
abnormal access access control a network +21
SIPPTS 4.0 2 days, 16 hours ago | packetstormsecurity.com
audit check devices protocol +13
Debian Security Advisory 5692-1 2 days, 16 hours ago | packetstormsecurity.com
advisory arbitrary code code debian +18
Debian Security Advisory 5691-1 2 days, 16 hours ago | packetstormsecurity.com
advisory arbitrary code browser clickjacking +16
Debian Security Advisory 5689-1 2 days, 16 hours ago | packetstormsecurity.com
advisory arbitrary code aware chromium +19
Debian Security Advisory 5690-1 2 days, 16 hours ago | packetstormsecurity.com
advisory click debian debian linux security +11
Ubuntu Security Notice USN-6766-2 2 days, 16 hours ago | packetstormsecurity.com
action attacker conditions denial of service +16
Red Hat Security Advisory 2024-2852-03 2 days, 16 hours ago | packetstormsecurity.com
advisory apache build developer +13

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Sr. Staff Firmware Engineer – Networking & Firewall

@ Axiado | Bengaluru, India
View on infosec-jobs.com

Compliance Architect / Product Security Sr. Engineer/Expert (f/m/d)

@ SAP | Walldorf, DE, 69190
View on infosec-jobs.com

SAP Security Administrator

@ FARO Technologies | EMEA-Portugal
View on infosec-jobs.com