6.5 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.018 Low
EPSS
Percentile
88.2%
The default configuration of the AirPort utility in Apple AirPort Extreme creates an IPv6 tunnel but does not enable the “Block incoming IPv6 connections” setting, which might allow remote attackers to bypass intended access restrictions by establishing IPv6 sessions that would have been rejected over IPv4.
CPE | Name | Operator | Version |
---|---|---|---|
apple:airport_extreme | apple airport extreme | eq | 7.1 |
arstechnica.com/journals/apple.ars/2007/2/14/7063
docs.info.apple.com/article.html?artnum=305366
lists.apple.com/archives/security-announce/2007/Apr/msg00000.html
osvdb.org/34843
secunia.com/advisories/24830
www.securitytracker.com/id?1017889
www.vupen.com/english/advisories/2007/1308
exchange.xforce.ibmcloud.com/vulnerabilities/33526