CVE-2010-0219

Currently unrated

Key Information:

Vendor: Apache
Status: Axis2; Businessobjects
Vendor: CVE Published:; 18 October 2010

Summary

Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.

References

http://secunia.com/advisories/41799

third-party-advisoryx_refsource_SECUNIA

https://kb.juniper.net/KB27373

x_refsource_CONFIRM

http://retrogod.altervista.org/9sg_ca_d2d.html

x_refsource_MISC

EPSS Score

97% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 18, 2010
Vulnerability Reserved
Jan 6, 2010