Cisco Connected Mobile Experiences Strong Authentication Requirements Enforcement Bypass

A vulnerability in the change password API of Cisco Connected Mobile Experiences (CMX) could allow an authenticated, remote attacker to alter their own password to a value that does not comply with the strong authentication requirements that are configured on an affected device.

This vulnerability exists because the server-side password policy check is incomplete when a password is changed through the API. An attacker could exploit this vulnerability by sending a specially crafted API request to the affected device. A successful exploit could allow the attacker to change their own password to a value that does not comply with the configured strong authentication requirements.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmx-GkCvfd4

Security Impact Rating: Medium

CVE: CVE-2021-1522
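
As an added illustration of the flaw class the advisory describes (not Cisco's code; the policy values, function names and in-memory store are assumptions made for this example), the following Python sketch contrasts a change-password path that applies only part of the configured policy with one that evaluates every configured rule on the server:

```python
import hashlib, os, re
from dataclasses import dataclass

@dataclass(frozen=True)
class PasswordPolicy:
    # Constructed values: the advisory does not list the configured rules.
    min_length: int = 12
    require_upper: bool = True
    require_lower: bool = True
    require_digit: bool = True
    require_special: bool = True

def policy_violations(password, policy):
    """Return a message for every configured rule the password fails."""
    checks = [
        (len(password) >= policy.min_length, "too short"),
        (not policy.require_upper or re.search(r"[A-Z]", password), "no uppercase letter"),
        (not policy.require_lower or re.search(r"[a-z]", password), "no lowercase letter"),
        (not policy.require_digit or re.search(r"[0-9]", password), "no digit"),
        (not policy.require_special or re.search(r"[^A-Za-z0-9]", password), "no special character"),
    ]
    return [message for ok, message in checks if not ok]

def _store(db, user, password):
    # Hypothetical credential store: keep a salted PBKDF2 hash, never the password.
    salt = os.urandom(16)
    db[user] = (salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000))

def change_password_incomplete(db, user, new_password, policy):
    """Flawed pattern: this API path checks one rule and skips the rest."""
    if len(new_password) < policy.min_length:
        raise ValueError("too short")
    _store(db, user, new_password)

def change_password_enforced(db, user, new_password, policy):
    """Hardened pattern: every configured rule is evaluated server-side before storing."""
    problems = policy_violations(new_password, policy)
    if problems:
        raise ValueError("; ".join(problems))
    _store(db, user, new_password)

if __name__ == "__main__":
    policy, db = PasswordPolicy(), {}
    change_password_incomplete(db, "alice", "aaaaaaaaaaaa", policy)  # accepted despite the policy
    try:
        change_password_enforced(db, "alice", "aaaaaaaaaaaa", policy)
    except ValueError as err:
        print("rejected:", err)
```

Routing every password-setting path (UI, API, reset flow) through the same validator is what keeps one entry point from lagging behind the configured policy.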


ShareFile: Application-Specific Password

You can create application passwords under Personal Settings > Personal Security > Two-Step Verification > Application Specific Passwords, using the Create a Password button. On the new screen, you will be prompted to enter a label. This label will help you identify the app if you ever want to revoke its access. After clicking Generate, click the Copy button to copy the app-specific password to your clipboard. Next, paste the new password into the password field of your app.


Unable to login so how do I reset my ShareFile password?

ShareFile Password Policy Update

IMPORTANT! Citrix issued a new password history requirement that you cannot reuse the previous 25 passwords on your account.

Due to an increase in internet-account credential (username and password) theft, Citrix requires a password reset and will incorporate a regularly scheduled forced password reset into our normal operating procedures. This policy will be defined in a future update in collaboration with customers and Citrix Product Security.

Note:

If you do not have the ability to reset your password due to your company’s policy or you are an admin and need to reset a client or user’s password, see User Password Reset by Admin for more information.

Reset Your Password without Logging In

If you have forgotten your ShareFile account password, you can reset it from your ShareFile account login screen.

Important: ShareFile password reset uses the reCAPTCHA tool for verification. reCAPTCHA is not supported by Microsoft Edge. See ShareFile No Password Reset in Microsoft Edge for more information.

  1. Utilizing your ShareFile domain name, navigate to “yourdomain.sharefile.com” and click the Forgot password? link below the login button.
  2. Verify your identity.
  3. If you did not receive an email with a link to reset your ShareFile password, refer to article CTX240121 – Did Not Receive Email With Link to Reset ShareFile Password
  4. Complete the reCAPTCHA tool.
  5. If you are presented with multiple account choices, refer to article CTX239873 – Wrong Company Account After ShareFile Password Reset
  6. Click send.
  7. The ShareFile system will send you an email that contains a link to reset your password. This link will expire after 15 minutes. Each time you send a password reset, the previous reset link will expire.
  8. Enter a new password.

Note: If you come across the error “You Do Not Have Permission to Change Password for the Below Account(s)”, refer to article CTX239979 – ShareFile Error: “You Do Not Have Permission to Change Password for the Below Account(s)”

Change Your Password When Already Logged In

  1. Log in to your ShareFile account and click Settings > Personal Settings > Edit Profile
  2. Under Change Password, enter your old password prior to creating a new one.
  3. Click Save.


None of Our Users Can Login to Their ShareFile Accounts

Use the Forgot password link on the ShareFile login page to request the password reset email. Refer to CTX208278 – How to Reset ShareFile Password for detailed instructions.

Citrix recently introduced a new password requirements policy and reset user passwords as a security measure.

If You are an Admin

If you are an administrator for your organization’s ShareFile account, you should be able to help other users reset their passwords. Follow the instructions at User Password Reset by Admin for more information.
