CVE-2022-23725 Login prior to 2.8 did not properly set permissions on the Windows Registry entries used to store sensitive API keys.

CVE-2022-23725 Login prior to 2.8 did not properly set permissions on the Windows Registry entries used to store sensitive API keys.

This could be abused by malicious or compromised user account to gain access to Extranet that they shouldn't have access to. This flaw has been fixed in Extranet 2.8. Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances.This could be abused by malicious or compromised user account to gain access to Extranet that they shouldn't have access to. This flaw has been fixed in Extranet 2.8.

CVE-2018-17123 Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances.

CVE-2018-17124 Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances.

CVE-2018-17125 Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances.

CVE-2018-17126 Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances.

CVE-2018-17127 Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances.

CVE-2018-17128 Windows Login prior to 2.8 does not properly set permissions on the

Overview: What is Azure AD Connect?

Azure AD Connect is a solution that integrates on-premises Active Directory (AD) with Microsoft Azure Active Directory (Azure AD). It automates the onboarding and configuration of users, devices, and applications to Azure AD.

^ ^^

This could be abused by malicious or compromised user account to gain access to Extranet that they shouldn't have access to. This flaw has been fixed in Extranet 2.8.

This could be abused by malicious or compromised user account to gain access to Extranet that they shouldn't have access to. This flaw has been fixed in Extranet 2.8. Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances.

This could be abused by malicious or compromised user account to gain access to Extranet that they shouldn't have access to. This flaw has been fixed in Extranet 2.8, Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances, and this vulnerability is CVE-2018-17123

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe