CVE-2008-2139

2008-05-12T17:20:00
ID CVE-2008-2139
Type cve
Reporter cve@mitre.org
Modified 2017-08-08T01:30:00

Description

The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not re-validate requests from a browser with a valid administrator session, including requests to change the password, which makes it easier for physically proximate attackers to gain privileges and maintain control over the administrator account.