CVE-2009-4844

Published: May 7, 2010Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

ToutVirtual VirtualIQ Pro 3.2 build 7882 does not restrict access to the /status URI on port 9080, which allows remote attackers to obtain sensitive Tomcat information via a direct request.

Affected (1)

Products: Toutvirtual: Virtualiq

Toutvirtual

1 product

Virtualiq

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Toutvirtual Virtualiq	Version 3.2_build_7882

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/507729/100/0/threaded

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/58576

Source: cve@mitre.org

http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/507729/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/58576

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.