CVE ID
CVE-2017-7284
DESCRIPTION
An issue in api/includes/users.php allowed a remote user to force a password change on the system without proper credentials.
RESOLUTION
Unitrends Risk Assessment: None
Resolved with latest security update as of 04/14/2017.