Sitepark Information Enterprise Server (IES) 2.9 before 2.9.6, when upgraded from an earlier version, does not properly restrict access, which allows remote attackers to change the manager account password and obtain sensitive information via a request to install/.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2014-05-02T14:00:00
Updated: 2024-08-06T10:28:46.386Z
Reserved: 2014-04-25T00:00:00
Link: CVE-2014-3006
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-05-02T14:55:07.590
Modified: 2024-11-21T02:07:19.080
Link: CVE-2014-3006
Redhat
No data.