CVE-2008-2139
NONE EPSS 28.2%
Published May 12, 200818y ago · Modified Jun 16, 20262w ago
Published May 12, 2008 18y ago
Last Modified Jun 16, 2026 2w ago
Description
The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not re-validate requests from a browser with a valid administrator session, including requests to change the password, which makes it easier for physically proximate attackers to gain privileges and maintain control over the administrator account.
Threat Intelligence
EPSS Exploit Probability
28.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-264
Affected Products 2
References 3
- wiki.rpath.com http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0148
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/42393
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/42394
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.