Arbitrary Account Creation with Weak Password Vulnerability in Jenzabar JICS

Arbitrary Account Creation with Weak Password Vulnerability in Jenzabar JICS

CVE-2019-10011 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

ICS/StaticPages/AddTestUsers.aspx in Jenzabar JICS (aka Internet Campus Solution) before 2019-02-06 allows remote attackers to create an arbitrary number of accounts with a password of 1234.

Learn more about our User Device Pen Test.