← back
CVE-2010-0219

CVE-2010-0219

EPSS 89.9%◆ VulnCheck KEV
Vexday Risk Score
82Fix now
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
Exploit maturity
Functional exploit
Popular PoC on GitHub (2 stars) — exploitation code widely available.
CVSS EPSS 89.9%KEV nãoPoC públicaNuclei simMetasploit simPatch
Lifecycle
18 Oct 2010Published on NVD
14 Dec 2010Public PoC
30 Dec 2010Metasploit module available
Weaponization speed
56 daysto first PoC
72 daysto Metasploit module
Recommendation: Patch as soon as possible — active exploitation confirmed.
Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.