OpenVAS Administrator 1.2 prior to 1.2.2 and 1.3 prior to 1.3.2 allows remote malicious users to bypass the OAP authentication restrictions and execute OAP commands via a crafted OAP request for version information, which causes the state to be set to CLIENT_AUTHENTIC.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openvas openvas administrator 1.3 |
||
openvas openvas administrator 1.3.0 |
||
openvas openvas administrator 1.2 |
||
openvas openvas administrator 1.2.1 |
||
openvas openvas administrator 1.3.1 |
||
openvas openvas administrator 1.2.0 |