Lucene search

[email protected]CVE-2007-3462

HistoryJun 27, 2007 - 6:30 p.m.

CVE-2007-3462

2007-06-2718:30:00

[email protected]

web.nvd.nist.gov

cve-2007-3462

csrf vulnerability

check point

sofaware safe@office

firmware

security vulnerability

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.1%

JSON

Cross-site request forgery (CSRF) vulnerability in Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, allows remote attackers to execute commands as arbitrary users, and disable firewalling of the protected network.

Affected configurations

NVD

Node

sofawaresafe_at_office_500_utmMatchembedded_ngx_7.0.39_ga

CPENameOperatorVersion
sofaware:safe_at_office_500_utmsofaware safe at office 500 utmeqembedded_ngx_7.0.39_ga

CPE	Name	Operator	Version
sofaware:safe_at_office_500_utm	sofaware safe at office 500 utm	eq	embedded_ngx_7.0.39_ga

References

labs.calyptix.com/CX-2007-04.php

labs.calyptix.com/CX-2007-04.txt

osvdb.org/37644

secunia.com/advisories/25822

www.securityfocus.com/archive/1/472290/100/0/threaded

www.securitytracker.com/id?1018317

www.sofaware.com/supportDownloads.aspx?boneId=182

www.vupen.com/english/advisories/2007/2364

exchange.xforce.ibmcloud.com/vulnerabilities/35093

exchange.xforce.ibmcloud.com/vulnerabilities/35094

Social References

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.1%

JSON

Related for CVE-2007-3462

prion1 nvd1 cvelist1