Lucene search

[email protected]CVE-2007-3788

HistoryJul 15, 2007 - 11:30 p.m.

CVE-2007-3788

2007-07-1523:30:00

[email protected]

web.nvd.nist.gov

esoft instagate ex2

utm device

admin password

sensitive information

html document

cve-2007-3788

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

77.7%

JSON

The eSoft InstaGate EX2 UTM device stores the admin password within the settings HTML document, which might allow context-dependent attackers to obtain sensitive information by reading this document.

Affected configurations

NVD

Node

esoftinstagate_ex2_utmMatchfirmware_3.1.20031001

esoftinstagate_ex2_utmMatchfirmware_3.1.20060921

esoftinstagate_ex2_utmMatchfirmware_3.1.20070605

CPENameOperatorVersion
esoft:instagate_ex2_utmesoft instagate ex2 utmeqfirmware_3.1.20031001
esoft:instagate_ex2_utmesoft instagate ex2 utmeqfirmware_3.1.20060921
esoft:instagate_ex2_utmesoft instagate ex2 utmeqfirmware_3.1.20070605

CPE	Name	Operator	Version
esoft:instagate_ex2_utm	esoft instagate ex2 utm	eq	firmware_3.1.20031001
esoft:instagate_ex2_utm	esoft instagate ex2 utm	eq	firmware_3.1.20060921
esoft:instagate_ex2_utm	esoft instagate ex2 utm	eq	firmware_3.1.20070605

References

labs.calyptix.com/CX-2007-05.php

labs.calyptix.com/CX-2007-05.txt

osvdb.org/38173

secunia.com/advisories/26005

www.securityfocus.com/archive/1/473663/100/0/threaded

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

77.7%

JSON

Related for CVE-2007-3788

cvelist1 prion1 nvd1