CVE-2009-4843
published 2010-05-07CVE-2009-4843: ToutVirtual VirtualIQ Pro before 3.5 build 8691 does not require administrative authentication for JBoss console access, which allows remote attackers to…
PriorityP353high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.11%
79.5th percentile
ToutVirtual VirtualIQ Pro before 3.5 build 8691 does not require administrative authentication for JBoss console access, which allows remote attackers to execute arbitrary commands via requests to (1) the JMX Management Console or (2) the Web Console.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| toutvirtual | virtualiq | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/37297http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txthttp://www.securityfocus.com/archive/1/507729/100/0/threadedhttp://secunia.com/advisories/37297http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txthttp://www.securityfocus.com/archive/1/507729/100/0/threaded
2010-05-07
Published