2 matches found
CVE-2015-6237
CVE-2015-6237 affects Tripwire IP360 VnE Manager, versions 7.2.2 through 7.2.5. The RPC service exposes a remote XML-RPC API that bypasses authentication, enabling an unauthenticated attacker to enumerate users, reset passwords, and manipulate IP filter restrictions via crafted privileged command...
Tripwire IP360 VnE Remote Administrative API Authentication Bypass Vulnerability
The IP350 VnE is susceptible to a remote XML-RPC authentication bypass vulnerability, which allows for specially crafted privileged commands to be remotely executed without authentication. The RPC service is available on the public HTTPS interface of the VnE by default, and cannot be disabled...