CVE-2006-3147

Name of the Vulnerable Software and Affected Versions Hosting Controller versions prior to 6.1 (aka Hotfix 3.2)

Description The issue allows remote authenticated attackers to gain host admin privileges, list all resellers, or change resellers' passwords. The exact vectors used for the attack are not specified.

Recommendations For versions prior to 6.1 (aka Hotfix 3.2), update to version 6.1 (aka Hotfix 3.2) or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive reseller information and passwords until the update is applied.