What is CVE-2010-0219?

CVE-2010-0219 is a vulnerability in Apache Axis2, classified under CWE-255. Published 2010-10-18.

Is CVE-2010-0219 known to be exploited?

17 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apache Axis2

CVE-2010-0219

Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrar…

EPSS: 0.932 (99.8th percentile) — read the EPSS interpretation.

Affected products

Apache Axis2 — versions 1.5.1, 1.3, 1.6
Sap Businessobjects — versions 3.2
N/a — versions n/a

Weakness classification (CWE)

CWE-255

Public proof-of-concept exploits

References

41799 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cret@cert.org (x_refsource_CONFIRM)
cret@cert.org (x_refsource_MISC)
70233 (x_refsource_OSVDB, vdb-entry)
15869 (exploit, x_refsource_EXPLOIT-DB)
cret@cert.org (Exploit, x_refsource_MISC)
ADV-2010-2673 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
20101014 R7-0037: SAP BusinessObjects Axis2 Default Admin Password (mailing-list, x_refsource_BUGTRAQ)
businessobjects-dswsbobje-security-bypass(62523) (vdb-entry, x_refsource_XF)
42763 (x_refsource_SECUNIA, third-party-advisory)

Frequently asked questions

What is CVE-2010-0219?: CVE-2010-0219 is a vulnerability in Apache Axis2, classified under CWE-255. Published 2010-10-18.
Is CVE-2010-0219 known to be exploited?: 17 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.