3 matches found
CVE-2009-1465
CVE-2009-1465 affects Application Access Server (A-A-S) 2.0.48, where the admin account uses the default password “wildbat,” enabling remote attackers to obtain administrative access. The provided documents confirm the component and default credential issue but do not specify a fixed version or o...
CVE-2009-1466
CVE-2009-1466 affects Application Access Server (A-A-S) 2.0.48, where the passwords and the port keyword are stored in cleartext in aas.ini. Local users reading aas.ini can obtain sensitive data. The issue is caused by insecure password/port storage in the configuration file. Remediation details ...
CVE-2009-1464
CVE-2009-1464 involves CSRF vulnerabilities in index.aas of Application Access Server (A-A-S) 2.0.48 that allow remote attackers to hijack administrator authentication and trigger actions such as executing arbitrary commands, stopping services, or terminating processes via specific jobs. The vuln...