This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.
The remote host is running a web application that is affected by an
authentication bypass vulnerability.
According to the self-reported version of the NetIQ Privileged User
Manager 'auth' package, the password for the 'admin' user of the NetIQ
Privileged User Manager web application can be modified without
authenticating via a specially crafted POST request.
Note that Nessus did not check for the presence of a workaround.
See also :
Apply NetIQ Privileged User Manager 2.3.1 HF2 (2.3.1-2) or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true