CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Igniterealtime: >> Openfire >> 3.6.0a Security Vulnerabilities

CVE-2009-1595

The jabber:iq:auth implementation in IQAuthHandler.java in Ignite Realtime Openfire before 3.6.4 allows remote authenticated users to change the passwords of arbitrary accounts via a modified username element in a passwd_change action.

CVSS Score

4.0

EPSS Score

0.079

Published

2009-05-11

Page 1

Vulnerabilities

Vulnerable Software

Igniterealtime: >> Openfire >> 3.6.0a Security Vulnerabilities

Products

Pricing

Contact Us