Unrated severityNVD Advisory· Published Feb 7, 2011· Updated Apr 29, 2026

CVE-2010-4506

Description

Passlogix v-GO Self-Service Password Reset (SSPR) and OEM before 7.0A allows physically proximate attackers to execute arbitrary programs without authentication by triggering use of an invalid SSL certificate and using the Internet Explorer interface to navigate through the filesystem via a "Save As" dialog that is reachable from the "Certificate Export" wizard.

Affected products

Oracle Corporation/Passlogix V Go Self Service Password Reset And Oem
cpe:2.3:a:oracle:passlogix_v-go_self-service_password_reset_and_oem:7.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securityreason.com/securityalert/8065nvd
www.securityfocus.com/bid/46452nvd
exchange.xforce.ibmcloud.com/vulnerabilities/65439nvd
www.trustwave.com/spiderlabs/advisories/TWSL2010-007.txtnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000