Lucene search

[email protected]CVE-2007-6098

HistoryNov 22, 2007 - 12:46 a.m.

CVE-2007-6098

2007-11-2200:46:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

ingate firewall

siparator

security

firewall

network security

log truncation

remote attack

vulnerability

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

65.8%

JSON

Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log truncated (1) ICMP, (2) UDP, and (3) TCP packets, which has unknown impact and remote attack vectors; and do not log (4) serial-console login attempts with nonexistent usernames, which might make it easier for attackers with physical access to guess valid login credentials while avoiding detection.

CPENameOperatorVersion
ingate:ingate_siparatoringate ingate siparatorle4.5.2
ingate:ingate_firewallingate ingate firewallle4.5.2

CPE	Name	Operator	Version
ingate:ingate_siparator	ingate ingate siparator	le	4.5.2
ingate:ingate_firewall	ingate ingate firewall	le	4.5.2

References

www.ingate.com/relnote-460.php

www.securityfocus.com/bid/26486

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

65.8%

JSON

Related for CVE-2007-6098

prion1 cvelist1