Authentication Bypass in Objectivity/DB 10.0 Affects Remote Management Capabilities
CVE-2011-0489

Currently unrated

Key Information:

Vendor: Objectivity
Status: Objectivity\/db
Vendor: CVE Published:; 18 January 2011

🔔 Create Objectivity Vulnerability Alert

What is CVE-2011-0489?

The server components in Objectivity/DB 10.0 are exposed due to a lack of authentication for administrative commands. This security oversight enables remote attackers to execute potentially harmful commands against the Lock Server or the Advanced Multithreaded Server. By sending specific TCP requests, attackers can modify critical data, access sensitive information, or disrupt service availability, thereby posing significant risks to data integrity and system reliability.

References

http://secunia.com/advisories/42901

third-party-advisoryx_refsource_SECUNIA

http://www.exploit-db.com/exploits/15988

exploitx_refsource_EXPLOIT-DB

https://exchange.xforce.ibmcloud.com/vulnerabilities/64699

vdb-entryx_refsource_XF

EPSS Score

24% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 18, 2011
Vulnerability Reserved
Jan 18, 2011

JSON