cbcvebase.
CVE-2009-2344
published 2009-07-07

CVE-2009-2344: The web-based management interfaces in Sourcefire Defense Center (DC) and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a…

PriorityP352critical9CVSS 2.0
AVNACLAuSCCICAC
EXPLOIT
EPSS
9.25%
94.7th percentile
The web-based management interfaces in Sourcefire Defense Center (DC) and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components.

Affected

8 ranges
VendorProductVersion rangeFixed in
sourcefire3d_sensor<= 4.8.1
sourcefire3d_sensor
sourcefire3d_sensor
sourcefire3d_sensor
sourcefiredefense_center<= 4.8.1
sourcefiredefense_center
sourcefiredefense_center
sourcefiredefense_center
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.