CVE-2009-4843

CVE-2009-4843 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

ToutVirtual VirtualIQ Pro before 3.5 build 8691 does not require administrative authentication for JBoss console access, which allows remote attackers to execute arbitrary commands via requests to (1) the JMX Management Console or (2) the Web Console.

Learn more about our Web App Pen Testing.