This vulnerability affects all installations of Open-AudIT prior to version 1.6.2.
Users are advised to upgrade ASAP.
Open-AudIT 1.6 for Windows and earlier. Open-AudIT Enterprise is not affected by this vulnerability.
Workarounds and Mitigations
Upgrade to Open-AudIT 1.6.2
The vulnerability was addressed by Opmantek and upgrading to Open-AudIT 1.6.2 will include this fix and remove the vulnerability.
The preferred method of mitigation is an upgrade to Open-AudIT 1.6.2.
Customers can further mitigate this threat by proactively changing the default passwords as shipped with Open-AudIT.