CVE-2006-1628

high

Description

Adobe LiveCycle Workflow 7.01 and LiveCycle Forum Manager 7.01 allows users to authenticate and perform privileged actions when their account is marked "OBSOLETE" but the account is also active, within the authentication system.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/25779

http://www.vupen.com/english/advisories/2006/1343

http://www.securityfocus.com/bid/17511

http://www.adobe.com/support/techdocs/333036.html

http://securitytracker.com/id?1015906

http://secunia.com/advisories/19620

Details

Source: Mitre, NVD

Published: 2006-04-13

Updated: 2026-04-16

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:N/AC:H/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.03176

Detections

Analytics