CVE-2009-4843

2010-05-07T18:24:00
ID CVE-2009-4843
Type cve
Reporter cve@mitre.org
Modified 2018-10-10T19:49:00

Description

ToutVirtual VirtualIQ Pro before 3.5 build 8691 does not require administrative authentication for JBoss console access, which allows remote attackers to execute arbitrary commands via requests to (1) the JMX Management Console or (2) the Web Console.