Vignette Content Management Vulnerabilty

OWASP 2013-A9 OWASP 2017-A9 CWE-1035 WASC-45

Vignette has several vulnerabilities that allow attacker to obtain sensitive information, execute malicious code and/or denial of service attacks. When using vignette, it installs styles and login templetes. This can be found in vgn folder. The attacker can get access to the software. Unspecified vulnerability in Vignette Content Management allows “low privileged” users to gain administrator privileges via unknown attack vectors.

Impact

The impact include:-

  • Data breach
  • Possible execution of vulnerable code
  • Denial of service

Mitigation / Precaution

This vulnerability can be fixed by:-

  • Applying a patch to eliminate this problem.

Latest Articles