CVE-2009-4843
Toutvirtual Virtualiq - Authentication Bypass
Title source: ruleDescription
ToutVirtual VirtualIQ Pro before 3.5 build 8691 does not require administrative authentication for JBoss console access, which allows remote attackers to execute arbitrary commands via requests to (1) the JMX Management Console or (2) the Web Console.
Scores
EPSS
0.0184
EPSS Percentile
82.7%
Classification
CWE
CWE-287
Status
draft
Affected Products (1)
toutvirtual/virtualiq
Timeline
Published
May 07, 2010
Tracked Since
Feb 18, 2026