Vulnerability Details CVE-2009-4844
ToutVirtual VirtualIQ Pro 3.2 build 7882 does not restrict access to the /status URI on port 9080, which allows remote attackers to obtain sensitive Tomcat information via a direct request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt
- http://www.securityfocus.com/archive/1/507729/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58576
- http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt
- http://www.securityfocus.com/archive/1/507729/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58576
Products affected by CVE-2009-4844
-
cpe:2.3:a:toutvirtual:virtualiq:3.2_build_7882