Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

WebConnect Multiple Remote Vulnerabilities (deprecated)

High

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote host is running OpenConnect WebConnect. WebConnect is a web-based graphical user interface that gives remote users console access to mainframe, midrange, and Unix systems. WebConnect can be used to launch a Java-based telnet console that communicates over the HTTP protocol. This version of WebConnect is vulnerable to several remote attacks. The impact of the attack ranges from Denial of Service (DoS) to data compromise. An attacker exploiting these flaws would only need to be able to send HTTP requests to the web server. Successful exploitation would result in compromise of data or loss of availability.

Solution

Upgrade or patch according to vendor recommendations.