cvedb.io
CVE-2017-16935
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2017-11-24T07:29:00.303 · Last modified 2026-06-17T01:10:10.593

Summary

Ametys before 4.0.3 requires authentication only for URIs containing a /cms/ substring, which allows remote attackers to bypass intended access restrictions via a direct request to /plugins/core-ui/servercomm/messages.xml, as demonstrated by changing the admin password by obtaining account details via a users/search.json request, and then modifying the account via an editUser request.

Affected products

ametys — ametys

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.