Vtiger.CRM.Unauthenticated.Password.Reset
Description
This indicates an attack attempt against a Security Bypass vulnerability in vTiger CRM.
The vulnerability is due to the software's inability to properly restrict access to its password-resetting features. A remote attacker may exploit this to reset the password of the adminstrator account in a targeted system, via a HTTP request.
Affected Products
vTiger CRM 6.0 and prior
Impact
Security Bypass: Remote attackers can bypass security checking of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |