Lucene search

[email protected]CVE-2006-4676

HistorySep 11, 2006 - 5:04 p.m.

CVE-2006-4676

2006-09-1117:04:00

[email protected]

web.nvd.nist.gov

tibco rendezvous

cve-2006-4676

information security

log file vulnerability

6.1 Medium

AI Score

Confidence

Low

1.2 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

0.4%

JSON

TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which allows local users to obtain sensitive information by decoding the log file.

Affected configurations

NVD

Node

tibcorendezvousRange≤7.4.11

CPENameOperatorVersion
tibco:rendezvoustibco rendezvousle7.4.11

CPE	Name	Operator	Version
tibco:rendezvous	tibco rendezvous	le	7.4.11

References

secunia.com/advisories/21748

www.securityfocus.com/bid/19883

www.vupen.com/english/advisories/2006/3497

www.exploit-db.com/exploits/2284

6.1 Medium

AI Score

Confidence

Low

1.2 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2006-4676

nvd1 cvelist1