CVE-2015-6237

CVE-2015-6237 affects Tripwire IP360 VnE Manager, versions 7.2.2 through 7.2.5. The RPC service exposes a remote XML-RPC API that bypasses authentication, enabling an unauthenticated attacker to enumerate users, reset passwords, and manipulate IP filter restrictions via crafted privileged command...