cbcvebase.
CVE-2009-4843
published 2010-05-07

CVE-2009-4843: ToutVirtual VirtualIQ Pro before 3.5 build 8691 does not require administrative authentication for JBoss console access, which allows remote attackers to…

PriorityP353high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.11%
79.5th percentile
ToutVirtual VirtualIQ Pro before 3.5 build 8691 does not require administrative authentication for JBoss console access, which allows remote attackers to execute arbitrary commands via requests to (1) the JMX Management Console or (2) the Web Console.

Affected

1 ranges
VendorProductVersion rangeFixed in
toutvirtualvirtualiq
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.