Computer Security
[EN] securityvulns.ru no-pyccku


Sitepark Information Enterprise Server unauthorized access
Published:02.05.2014
Source:
SecurityVulns ID:13699
Type:remote
Threat Level:
5/10
Description:Unauthorized access during update.
Affected:SITEPARK : Information Enterprise Server 2.9
CVE:CVE-2014-3006 (Sitepark Information Enterprise Server (IES) 2.9 before 2.9.6, when upgraded from an earlier version, does not properly restrict access, which allows remote attackers to change the manager account password and obtain sensitive information via a request to install/.)
Original documentdocumentLSE Leading Security Experts GmbH (Security Advisories), LSE Leading Security Experts GmbH - LSE-2014-04-10 - Sitepark IES - Unauthenticated Access (02.05.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod