It was found that libpam4j up to and including 1.8 did not properly validate user accounts when authenticating. A user with a valid password for a disabled account would be able to bypass security restrictions and possibly access sensitive information.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2018-01-18T21:00:00Z

Updated: 2024-08-05T18:28:16.597Z

Reserved: 2017-08-01T00:00:00

Link: CVE-2017-12197

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-01-18T21:29:00.203

Modified: 2024-11-21T03:09:02.127

Link: CVE-2017-12197

cve-icon Redhat

Severity : Moderate

Publid Date: 2017-10-17T00:00:00Z

Links: CVE-2017-12197 - Bugzilla