Lucene search

[email protected]CVE-2007-3831

HistoryJul 17, 2007 - 9:30 p.m.

CVE-2007-3831

2007-07-1721:30:00

[email protected]

web.nvd.nist.gov

php

remote file inclusion

iss proventia

ips

cve-2007-3831

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.4%

JSON

PHP remote file inclusion in main.php in ISS Proventia Network IPS GX5108 1.3 and GX5008 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.

Affected configurations

NVD

Node

ibmproventia_network_ips_gx5008Match1.5

ibmproventia_network_ips_gx5108Match1.3

CPENameOperatorVersion
ibm:proventia_network_ips_gx5008ibm proventia network ips gx5008eq1.5
ibm:proventia_network_ips_gx5108ibm proventia network ips gx5108eq1.3

CPE	Name	Operator	Version
ibm:proventia_network_ips_gx5008	ibm proventia network ips gx5008	eq	1.5
ibm:proventia_network_ips_gx5108	ibm proventia network ips gx5108	eq	1.3

References

osvdb.org/36474

secunia.com/advisories/25979

www.sybsecurity.com/hack-proventia-1.pdf

www.vupen.com/english/advisories/2007/2545

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.4%

JSON

Related for CVE-2007-3831

cvelist1 nvd1 prion1