CVE-2010-0219
Published Oct 18, 2010
Last updated 6 years ago
Overview
- Description
- Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.
- Source
- cret@cert.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-255
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:axis2:1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F0CBFD09-884C-436D-8D92-88B47A130C47"
},
{
"criteria": "cpe:2.3:a:apache:axis2:1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0604FFE-16AC-4990-85F6-88C48A8E1707"
},
{
"criteria": "cpe:2.3:a:apache:axis2:1.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D99CAA7-6580-4B1E-BDD7-0933F037B29D"
},
{
"criteria": "cpe:2.3:a:apache:axis2:1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC2371DC-0E86-49F2-98F6-4CCE49A24183"
},
{
"criteria": "cpe:2.3:a:apache:axis2:1.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38D8E446-7735-49C4-83E3-F1E6448ABD43"
},
{
"criteria": "cpe:2.3:a:apache:axis2:1.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "89046700-F2B9-4468-AB71-3451401C16DC"
},
{
"criteria": "cpe:2.3:a:apache:axis2:1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FEC87179-CCFA-45D4-98C1-7D594EC88999"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:businessobjects:3.2:*:enterprise_xi:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "224ED925-BF44-4C85-89B5-DC3A187AAE77"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]