Unrated severityNVD Advisory· Published Oct 18, 2010· Updated Apr 29, 2026

CVE-2010-0219

Description

Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.

Affected products

Apache/Axis27 versions
cpe:2.3:a:apache:axis2:1.3:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:apache:axis2:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:axis2:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:axis2:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:axis2:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:axis2:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:axis2:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:axis2:1.6:*:*:*:*:*:*:*
SAP/Businessobjects
cpe:2.3:a:sap:businessobjects:3.2:*:enterprise_xi:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

service.sap.com/sap/support/notes/1432881nvdPatch
spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdfnvdExploit
www.rapid7.com/security-center/advisories/R7-0037.jspnvdExploit
secunia.com/advisories/41799nvdVendor Advisory
www.vupen.com/english/advisories/2010/2673nvdVendor Advisory
www.kb.cert.org/vuls/id/989719nvdUS Government Resource
retrogod.altervista.org/9sg_ca_d2d.htmlnvd
secunia.com/advisories/42763nvd
www.exploit-db.com/exploits/15869nvd
www.osvdb.org/70233nvd
www.securityfocus.com/archive/1/514284/100/0/threadednvd
www.securitytracker.com/idnvd
exchange.xforce.ibmcloud.com/vulnerabilities/62523nvd
kb.juniper.net/KB27373nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.075
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000