CVE-2008-5696

CWE-2553 documents3 sources
Severity
9.3CRITICAL
EPSS
2.5%
top 14.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Novell Netware
Timeline
PublishedDec 19
Latest updateMay 17

Description

Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDnovell/netware6.5+1

🔴Vulnerability Details

2
GHSA
GHSA-f2j8-m6px-fwf5: Novell NetWare 62022-05-17
CVEList
CVE-2008-5696: Novell NetWare 62008-12-19
CVE-2008-5696 (CRITICAL CVSS 9.3) | Novell NetWare 6.5 before Support P | cvebase.io