VDB
MAGEIA-2018-234
MAGEIA-2018-234
PUBLISHED
It was discovered that libpam4j, a Java library wrapper for the integration of PAM did not call pam_acct_mgmt() during authentication. As such a user who has a valid password, but a deactivated or disabled account could still log in (CVE-2017-12197).
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mageia | libpam4j | 1.8-7.1.mga6, 0 |
Timeline
- May 16, 2018 CVE Updated
- May 16, 2018 CVE Published
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Security Advisory