CVE-2017-7673

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-7673

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7673.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-7673

Aliases

GHSA-cqm6-hrgq-6869

Published

2017-07-17T13:18:29Z

Modified

2025-04-20T01:37:25Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dialogs and auth forms missing brute force protection.

References

Affected packages

Git / github.com/apache/openmeetings

Affected ranges

Type: GIT
Repo: https://github.com/apache/openmeetings
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

3db0ad0d802d9778f1d4df1c4f52dbf0ce289990

Last affected

ec8117c4ab942262f06836f1efe5985ae600e12c