Authentication Bypass and Privilege Escalation Vulnerability in Tripwire IP360 VnE Manager
CVE-2015-6237 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The RPC service in Tripwire (formerly nCircle) IP360 VnE Manager 7.2.2 before 7.2.6 allows remote attackers to bypass authentication and (1) enumerate users, (2) reset passwords, or (3) manipulate IP filter restrictions via crafted "privileged commands."
Learn more about our User Device Pen Test.