The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allows remote attackers to bypass authentication, and reset the modem or replace the firmware, via a direct request to an unspecified page.
Max CVSS
6.4
EPSS Score
0.17%
Published
2010-05-26
Updated
2010-05-27
The Forgot Password implementation in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote attackers to reset passwords of accounts with blank Hint questions and Hint answers by sending an empty value for each of these two Hint fields.
Max CVSS
5.1
EPSS Score
1.67%
Published
2010-05-12
Updated
2018-10-10
com.springsource.tcserver.serviceability.rmi.JmxSocketListener in VMware SpringSource tc Server Runtime 6.0.19 and 6.0.20 before 6.0.20.D, and 6.0.25.A before 6.0.25.A-SR01, does not properly enforce the requirement for an encrypted (aka s2enc) password, which allows remote attackers to obtain JMX interface access via a blank password.
Max CVSS
6.8
EPSS Score
0.97%
Published
2010-05-19
Updated
2018-10-10
The Identity Server in Novell Access Manager before 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions.
Max CVSS
4.3
EPSS Score
0.07%
Published
2010-05-26
Updated
2010-05-27
ToutVirtual VirtualIQ Pro before 3.5 build 8691 does not require administrative authentication for JBoss console access, which allows remote attackers to execute arbitrary commands via requests to (1) the JMX Management Console or (2) the Web Console.
Max CVSS
7.5
EPSS Score
2.76%
Published
2010-05-07
Updated
2018-10-10
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!