Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions prior to 4.4.0.4. The vulnerability could exploit invalid certificate validation and may result in a man-in-the-middle attack.
The software does not validate, or incorrectly validates, a certificate.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Netiq_self_service_password_reset | Microfocus | * | 4.3 |
Netiq_self_service_password_reset | Microfocus | 4.4 | 4.4 |
Netiq_self_service_password_reset | Microfocus | 4.4 | 4.4 |
Netiq_self_service_password_reset | Microfocus | 4.4 | 4.4 |
Netiq_self_service_password_reset | Microfocus | 4.4 | 4.4 |