The web-based management interfaces in Sourcefire Defense Center (DC) and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2009-07-07T19:00:00
Updated: 2024-08-07T05:44:55.955Z
Reserved: 2009-07-07T00:00:00
Link: CVE-2009-2344
Vulnrichment
No data.
NVD
Status : Modified
Published: 2009-07-07T19:30:00.297
Modified: 2024-11-21T01:04:39.173
Link: CVE-2009-2344
Redhat
No data.