CVE-2006-2531

2006-05-22T19:10:00
ID CVE-2006-2531
Type cve
Reporter NVD
Modified 2017-07-19T21:31:34

Description

Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote attackers to spoof being a trusted console and bypass authentication by setting HTTP User-Agent header to "Ipswitch/1.0" and the User-Application header to "NmConsole".