Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0372

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2001-0372
Last Modified 05 Sep 2008 04:23:56
Published 18 Jun 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0372

Summary

Akopia Interchange 4.5.3 through 4.6.3 installs demo stores with a default group account :backup with no password, which allows a remote attacker to gain administrative access via the demo stores (1) barry, (2) basic, or (3) construct.

Vulnerable Systems

Application

  • Akopia Interchange 4.5.3

  • Akopia Interchange 4.6.3


References

BID - 2499

BUGTRAQ - 20010323 FW: Akopia Interchange E-commerce Package Demo Files Vulnerability

XF - akopia-interchange-gain-access(6273)

CONFIRM - http://lists.akopia.com/pipermail/interchange-announce/2001/000009.html


Last Updated: 27 May 2016 10:36:14