A-A-S Application Access Server Multiple Vulnerabilities Network Vulnerability

Summary

According to its version number, the remote version of A-A-S Application Access Server is prone to multiple security issues including a cross-site request-forgery vulnerability, an insecure-default-password vulnerability and an information-disclosure vulnerability. Attackers can exploit these issues to run privileged commands on the affected computer and gain unauthorized administrative access to the affected application and the underlying system. These issues affect version 2.0.48 other versions may also be affected.

References

http://www.securityfocus.com/bid/34911

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1464, CVE-2009-1465, CVE-2009-1466

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apache Struts2 Redirection and Security Bypass Vulnerabilities
ASP Inline Corporate Calendar SQL injection
ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
ARRIS 2307 Unprotected Web Console
b2Evolution title SQL Injection

Take action and discover your vulnerabilities