Vulnerability Details : CVE-2009-2357
The default configuration of TekRADIUS 3.0 uses the sa account to communicate with Microsoft SQL Server, which makes it easier for remote attackers to obtain privileged access to the database and the underlying Windows operating system.
Exploit prediction scoring system (EPSS) score for CVE-2009-2357
Probability of exploitation activity in the next 30 days: 0.76%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 79 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2009-2357
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2009-2357
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-2357
Products affected by CVE-2009-2357
- cpe:2.3:a:yasinkaplan:tekradius:3.0:*:*:*:*:*:*:*