Multiple Elber products are affected by an authentication bypass vulnerability which allows unauthorized access to the password management functionality. Attackers can exploit this issue by manipulating the endpoint to overwrite any users password within the system. This grants them unauthorized administrative access to protected areas of the application, compromising the devices system security.
A product requires authentication, but the product has an alternate path or channel that does not require authentication.