RSS   Vulnerabilities for 'Content management'   RSS

2019-01-31
 
CVE-2018-18941

CWE-255
 

 
In Vignette Content Management version 6, it is possible to gain remote access to administrator privileges by discovering the admin password in the vgn/ccb/user/mgmt/user/edit/0,1628,0,00.html?uid=admin HTML source code, and then creating a privileged user account. NOTE: this product is discontinued.

 

 >>> Vendor: Vignette 6 Products
Storyserver
Vignette
Content suite
Application portal
Vignette content management
Content management


Copyright 2021, cxsecurity.com

 

Back to Top