Back to search
CVE-2010-0219
Published: Oct 18, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
41799
third-party-advisory
x_refsource_SECUNIA
https://kb.juniper.net/KB27373
x_refsource_CONFIRM
http://retrogod.altervista.org/9sg_ca_d2d.html
x_refsource_MISC
70233
vdb-entry
x_refsource_OSVDB
15869
exploit
x_refsource_EXPLOIT-DB
ADV-2010-2673
vdb-entry
x_refsource_VUPEN
20101014 R7-0037: SAP BusinessObjects Axis2 Default Admin Password
mailing-list
x_refsource_BUGTRAQ
businessobjects-dswsbobje-security-bypass(62523)
vdb-entry
x_refsource_XF
42763
third-party-advisory
x_refsource_SECUNIA
http://www.rapid7.com/security-center/advisories/R7-0037.jsp
x_refsource_MISC
VU#989719
third-party-advisory
x_refsource_CERT-VN
1024929
vdb-entry
x_refsource_SECTRACK
https://service.sap.com/sap/support/notes/1432881
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now