Lucene search
HistoryJan 23, 2007 - 2:28 a.m.
CVE-2007-0434
cve-2007-0434
bea
aqualogic
enterprise security
severity level
audit events
high system load
attackers
detection
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
25.2%
BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2 does not properly set the severity level of audit events when the system load is high, which might make it easier for attackers to avoid detection.
Affected configurations
Node
beaaqualogic_enterprise_securityMatch2.0
ORbeaaqualogic_enterprise_securityMatch2.0sp1
ORbeaaqualogic_enterprise_securityMatch2.0sp2
ORbeaaqualogic_enterprise_securityMatch2.1
ORbeaaqualogic_enterprise_securityMatch2.1sp1
ORbeaaqualogic_enterprise_securityMatch2.2
Related
nvd
nvd
CVE-2007-0434
2007-01-23 02:28:00
prion
prion
Design/Logic Flaw
2007-01-23 02:28:00
cvelist
cvelist
CVE-2007-0434
2007-01-23 02:00:00
securityvulns
securityvulns
BEA WebLogic / AquaLogic multiple security vulnerabilities
2007-02-02 00:00:00
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
25.2%
Related for CVE-2007-0434