First published: Mon Oct 18 2010(Updated: )
Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.
Credit: cret@cert.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apache Axis2 | =1.3 | |
Apache Axis2 | =1.4 | |
Apache Axis2 | =1.4.1 | |
Apache Axis2 | =1.5 | |
Apache Axis2 | =1.5.1 | |
Apache Axis2 | =1.5.2 | |
Apache Axis2 | =1.6 | |
SAP BusinessObjects | =3.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.