Vulnerabilities > CVE-2009-4770 - Credentials Management vulnerability in Jasper Httpdx

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
jasper
CWE-255

Summary

The FTP server component in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 has a default password of pass123 for the moderator account, which makes it easier for remote attackers to obtain privileged access.

Vulnerable Configurations

Part Description Count
Application
Jasper
5

Common Weakness Enumeration (CWE)