CVE Vulnerabilities

CVE-2009-4830

Improper Authentication

Published: Apr 27, 2010 | Modified: Jul 30, 2010
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Unspecified vulnerability in OpenX 2.8.1 and 2.8.2 allows remote attackers to bypass authentication and obtain access to an Administrator account via unknown vectors, possibly related to www/admin/install.php, www/admin/install-plugins.php, and other www/admin/ files.

Weakness

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Affected Software

Name Vendor Start Version End Version
Openx Openx 2.8.1 2.8.1
Openx Openx 2.8.2 2.8.2

Potential Mitigations

References