It was found that libpam4j up to and including 1.8 did not properly validate user accounts when authenticating. A user with a valid password for a disabled account would be able to bypass security restrictions and possibly access sensitive information.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2018-01-18T21:00:00Z
Updated: 2024-08-05T18:28:16.597Z
Reserved: 2017-08-01T00:00:00
Link: CVE-2017-12197
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-01-18T21:29:00.203
Modified: 2024-11-21T03:09:02.127
Link: CVE-2017-12197
Redhat