VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
JVNDB-2010-002277     ( CVE-2010-0219 | CVE-2010-0219 )
SAP BusinessObjects Axis2 におけるデフォルトパスワードの問題
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002277.html

Original

SAP BusinessObjects の Axis2 コンポーネントに出荷時に設定されている管理用アカウントは、遠隔の第三者に利用される可能性があります。 SAP BusinessObjects 製品には、Axis2 モジュール (dswsbobje.war) が含まれています。Axis2 に出荷時に設定されている管理用アカウントは製品ドキュメント以外の方法でも入手可能です。

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
JVN iPedia
First Published:
2010-11-10
Source Information Category:
Advisory, Alert
Last Updated:
2010-11-10




Affected Product Tags
cpe:/a:sap:businessobjects
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

Local [?]
Adjacent Network [?]
X Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
Medium [?]
X Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
[Integrity Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
[Availability Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
Alternatives
Common Vulnerabilities and Exposures (CVE) CVE-2010-0219




National Vulnerability Database (NVD) CVE-2010-0219








References
ISS X-Force Database 62523




JVN JVNVU#989719




SAP SAP Security Note 1432881 (Registered Users Only)




Secunia Advisory SA41799




US-CERT Vulnerability Note VU#989719




VUPEN Security VUPEN/ADV-2010-2673




共通脆弱性タイプ一覧 (CWE) 証明書・パスワード管理 (CWE-255)




Copyright © 2010 JPCERT/CC All Rights Reserved.