Sonexis ConferenceManager Multiple Information Disclosure And Security Bypass Vulnerabilities Network Vulnerability

Summary

Sonexis ConferenceManager is prone to remote information-disclosure and security-bypass vulnerabilities. An attacker may exploit these issues to obtain sensitive information and bypass certain security restrictions. Sonexis ConferenceManager versions 10.0.40 and prior are vulnerable.

Solution

Reportedly, the issue is fixed however, Symantec has not confirmed this. Please contact the vendor for more information.

References

http://www.securityfocus.com/bid/51994
http://www.sonexis.com/products/index.asp

Updated on 2017-03-28

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Advanced Guestbook Index.PHP SQL Injection Vulnerability
Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities
AdaptBB Multiple Input Validation Vulnerabilities
Acidcat CMS Multiple Vulnerabilities
Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object Remote Code Execution

Sonexis ConferenceManager Multiple Information Disclosure and Security Bypass Vulnerabilities

Take action and discover your vulnerabilities