ToutVirtual VirtualIQ Pro before 3.5 build 8691 does not require administrative authentication for JBoss console access, which allows remote attackers to execute arbitrary commands via requests to (1) the JMX Management Console or (2) the Web Console.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2010-05-07T17:43:00
Updated: 2018-10-10T18:57:01
Reserved: 2010-05-07T00:00:00
Link: CVE-2009-4843
JSON object: View
NVD Information
Status : Modified
Published: 2010-05-07T18:24:15.377
Modified: 2018-10-10T19:49:31.370
Link: CVE-2009-4843
JSON object: View
Redhat Information
No data.
CWE