PT-2006-4042 · Hosting Controller · Hosting Controller
Published
2006-06-22
·
Updated
2017-07-20
·
CVE-2006-3147
CVSS v2.0
6.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Hosting Controller versions prior to 6.1 (aka Hotfix 3.2)
Description
The issue allows remote authenticated attackers to gain host admin privileges, list all resellers, or change resellers' passwords. The exact vectors used for the attack are not specified.
Recommendations
For versions prior to 6.1 (aka Hotfix 3.2), update to version 6.1 (aka Hotfix 3.2) or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive reseller information and passwords until the update is applied.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Hosting Controller