Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, has a default root password hash, and permits password-based root logins over SSH, which makes it easier for remote attackers to obtain access.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Profense_web_application_firewall | Armorlogic | * | 2.2.21 (including) |
Profense_web_application_firewall | Armorlogic | 2.4 (including) | 2.4 (including) |