Lucene search

[email protected]CVE-2007-5790

HistoryNov 01, 2007 - 4:46 p.m.

CVE-2007-5790

2007-11-0116:46:00

CWE-310

[email protected]

web.nvd.nist.gov

globe7

soft phone

weak cryptography

password

local users

sensitive information

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The Globe7 soft phone client 7.3 uses weak cryptography (reversed sequence of binary values) for the password, which might allow local users to obtain sensitive information.

Affected configurations

NVD

Node

globe7globe7Match7.3

CPENameOperatorVersion
globe7:globe7globe7eq7.3

CPE	Name	Operator	Version
globe7:globe7	globe7	eq	7.3

References

secunia.com/advisories/27400

www.securityfocus.com/bid/26195

www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=364

exchange.xforce.ibmcloud.com/vulnerabilities/37415

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2007-5790

cvelist1 nvd1 prion1