Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-1634Groupwise vulnerability

4 documents4 sources
Severity
7.5HIGHNVD
EPSS
4.9%
top 10.35%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Novell Groupwise
Timeline
PublishedMay 26
Latest updateMay 2

Description

The WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 does not properly implement session management mechanisms, which allows remote attackers to gain access to user accounts via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDnovell/groupwise6 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-w5wm-g625-qqpv: The WebAccess component in Novell GroupWise 72022-05-02
CVEList
CVE-2009-1634: The WebAccess component in Novell GroupWise 72009-05-26

💥Exploits & PoCs

1
Exploit-DB
Novell Groupwise 8.0 Webaccess - Multiple Vulnerabilities2009-05-21
CVE-2009-1634 — Novell Groupwise vulnerability | cvebase