CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-4843

ToutVirtual VirtualIQ Pro before 3.5 build 8691 does not require administrative authentication for JBoss console access, which allows remote attackers to execute arbitrary commands via requests to (1) the JMX Management Console or (2) the Web Console.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.023

EPSS Ranking 84.0%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/37297
http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt
http://www.securityfocus.com/archive/1/507729/100/0/threaded
http://secunia.com/advisories/37297
http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt
http://www.securityfocus.com/archive/1/507729/100/0/threaded

Products affected by CVE-2009-4843

Toutvirtual » Virtualiq » Version: 3.5

cpe:2.3:a:toutvirtual:virtualiq:3.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4843

Products

Pricing

Contact Us