CVE-2015-8570 Information

Description

The password reset functionality in Lepide Active Directory Self Service allows remote authenticated users to change arbitrary domain user passwords via a crafted request.

Reference

http://www.securityfocus.com/bid/78729 http://www.zerodayinitiative.com/advisories/ZDI-15-621