Unrestricted Access and Password Change Vulnerability in Sitepark Information Enterprise Server (IES) 2.9

Unrestricted Access and Password Change Vulnerability in Sitepark Information Enterprise Server (IES) 2.9

CVE-2014-3006 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Sitepark Information Enterprise Server (IES) 2.9 before 2.9.6, when upgraded from an earlier version, does not properly restrict access, which allows remote attackers to change the manager account password and obtain sensitive information via a request to install/.

Learn more about our Cis Benchmark Audit For Server Software.