Vulnerability in Cisco Smart Software Manager lets attackers change any user password

Cisco has disclosed a severe vulnerability in its Smart Software Manager On-Prem, that allows unauthenticated remote attackers to change the password of any user, including administrators. The company has attributed this flaw to an improper implementation of the password-change process. There are no existing workarounds to fix this issue, but a security update has been issued to correct the vulnerability.