GroundWork Monitor Enterprise 6.7.0 and possibly earlier versions contain multiple vulnerabilities.
The SEC Consult Vulnerability Lab Security Advisory states:
The following vulnerability description has been categorized into the components where the vulnerabilities have been identified.
A remote unauthenticated attacker may be able to modify the administrator web interface of the system, read sensitive configuration files, or execute arbitrary operating system commands with the permission's of the GroundWork Monitor Enterprise system.
Thanks to Johannes Greil of SEC Consult Unternehmensberatung GmbH for reporting these vulnerabilities. https://www.sec-consult.com
This document was written by Michael Orlando.
|Date First Published:||2013-03-08|
|Date Last Updated:||2013-03-08 19:46 UTC|