Lucene search

[email protected]CVE-2007-5437

HistoryOct 13, 2007 - 1:17 a.m.

CVE-2007-5437

2007-10-1301:17:00

CWE-59

[email protected]

web.nvd.nist.gov

etrust

itm

web console

remote attackers

redirect

security vulnerability

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

6.6 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.7%

JSON

The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689.

Affected configurations

NVD

Node

broadcometrust_integrated_threat_managementMatch8.1

CPENameOperatorVersion
broadcom:etrust_integrated_threat_managementbroadcom etrust integrated threat managementeq8.1

CPE	Name	Operator	Version
broadcom:etrust_integrated_threat_management	broadcom etrust integrated threat management	eq	8.1

References

osvdb.org/43482

securityreason.com/securityalert/3219

www.eleytt.com/advisories/eleytt_ETRUSTITM2.pdf

www.securityfocus.com/archive/1/482021/100/0/threaded

www.securityfocus.com/bid/26013

Social References

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

6.6 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.7%

JSON

Related for CVE-2007-5437

cvelist1 prion1 nvd1