Unrated severityNVD Advisory· Published May 12, 2008· Updated Jun 16, 2026
CVE-2008-2139
CVE-2008-2139
Description
The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not re-validate requests from a browser with a valid administrator session, including requests to change the password, which makes it easier for physically proximate attackers to gain privileges and maintain control over the administrator account.
Affected products
3cpe:2.3:h:rpath:appliance_platform_agent:2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:h:rpath:appliance_platform_agent:2:*:*:*:*:*:*:*
- cpe:2.3:h:rpath:appliance_platform_agent:3:*:*:*:*:*:*:*
- (no CPE)range: 2 and 3
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.