Intrusion Prevention

Jive.Openfire.Jabber.Server.Authentication.Bypass

Description

This indicates an attack attempt against an authentication-bypass vulnerability in Openfire Server.
The vulnerability is caused by a design error wherein the vulnerable software fails to check access privileges. It allows a remote attacker to access functions in the admin web-interface without valid credentials.

Affected Products

Openfire 3.6.0a

Impact

Authentication Bypass

Recommended Actions

We are not aware of any patches supplied by the vendor as of this writing.

CVE References

CVE-2008-6508