CVE-2008-2139

NONE EPSS 28.2%
Published May 12, 200818y ago · Modified Jun 16, 20262w ago
Find Similar
Published May 12, 2008 18y ago
Last Modified Jun 16, 2026 2w ago

Description

The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not re-validate requests from a browser with a valid administrator session, including requests to change the password, which makes it easier for physically proximate attackers to gain privileges and maintain control over the administrator account.

Threat Intelligence

EPSS Exploit Probability
28.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-264

Affected Products 2

VendorProductVersionRange
rpathappliance_platform_agent2any
rpathappliance_platform_agent3any

References 3

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.