Since joining in 2014, Jimi has taken on multiple roles within Tenable. He’s been involved in most aspects of the plugin lifecycle at one point or another and has been responsible for the creation and maintenance of several core plugin frameworks. Prior to joining the Zero Day Research team, he was responsible for the design, creation, and launch of an internal automation initiative that serves as a primary datasource for products and workflows within Tenable.
A vulnerability regarding missing authentication exists in Adobe FrameMaker Publishing Server (FMPS). This allows an unauthenticated remote attacker to access FMPS REST APIs. For example, the attacker can fetch user information (including encrypted password) for all FMPS users. The encrypted password can be decrypted by accessing a FMPS API. This allows the attacker to login to FMPS.