Lucene search

[email protected]CVE-2007-1913

HistoryApr 10, 2007 - 11:19 p.m.

CVE-2007-1913

2007-04-1023:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sap

rfc library

cve-2007-1913

information security

vulnerability

remote attack

user verification

6.6 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.018 Low

EPSS

Percentile

87.8%

JSON

The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

CPENameOperatorVersion
sap:rfc_librarysap rfc libraryeq6.4
sap:rfc_librarysap rfc libraryeq7.0

CPE	Name	Operator	Version
sap:rfc_library	sap rfc library	eq	6.4
sap:rfc_library	sap rfc library	eq	7.0

References

secunia.com/advisories/24722

securityreason.com/securityalert/2535

www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_TRUSTED_SYSTEM_SECURITY_RFC_Function_Information_Disclosure.pdf

www.securityfocus.com/archive/1/464669/100/0/threaded

www.securityfocus.com/bid/23305

www.vupen.com/english/advisories/2007/1270

exchange.xforce.ibmcloud.com/vulnerabilities/33423

6.6 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.018 Low

EPSS

Percentile

87.8%

JSON

Related for CVE-2007-1913

prion2 securityvulns1 cve2