Lucene search
MitreCVE-2007-6385HistoryDec 15, 2007 - 2:46 a.m.
CVE-2007-6385
2007-12-1502:46:00
CWE-287
mitre
web.nvd.nist.gov
21
kerio winroute firewall
proxy server
authentication
https
cve-2007-6385
nvd
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.9
Confidence
Low
EPSS
0.001
Percentile
30.8%
The proxy server in Kerio WinRoute Firewall before 6.4.1 does not properly enforce authentication for HTTPS pages, which has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.
Affected configurations
Node
keriowinroute_firewallRange≤6.4.0
ORkeriowinroute_firewallMatch5.0.1
ORkeriowinroute_firewallMatch5.0.2
ORkeriowinroute_firewallMatch5.0.3
ORkeriowinroute_firewallMatch5.0.4
ORkeriowinroute_firewallMatch5.0.5
ORkeriowinroute_firewallMatch5.0.6
ORkeriowinroute_firewallMatch5.0.7
ORkeriowinroute_firewallMatch5.0.8
ORkeriowinroute_firewallMatch5.0.9
ORkeriowinroute_firewallMatch5.1
ORkeriowinroute_firewallMatch5.1.1
ORkeriowinroute_firewallMatch5.1.2
ORkeriowinroute_firewallMatch5.1.3
ORkeriowinroute_firewallMatch5.1.4
ORkeriowinroute_firewallMatch5.1.5
ORkeriowinroute_firewallMatch5.1.6
ORkeriowinroute_firewallMatch5.1.7
ORkeriowinroute_firewallMatch5.1.8
ORkeriowinroute_firewallMatch5.1.9
ORkeriowinroute_firewallMatch5.1.10
ORkeriowinroute_firewallMatch5.10
ORkeriowinroute_firewallMatch6.0
ORkeriowinroute_firewallMatch6.0.1
ORkeriowinroute_firewallMatch6.0.2
ORkeriowinroute_firewallMatch6.0.3
ORkeriowinroute_firewallMatch6.0.4
ORkeriowinroute_firewallMatch6.0.5
ORkeriowinroute_firewallMatch6.0.6
ORkeriowinroute_firewallMatch6.0.7
ORkeriowinroute_firewallMatch6.0.8
ORkeriowinroute_firewallMatch6.0.9
ORkeriowinroute_firewallMatch6.0.11
ORkeriowinroute_firewallMatch6.1
ORkeriowinroute_firewallMatch6.1.1
ORkeriowinroute_firewallMatch6.1.2
ORkeriowinroute_firewallMatch6.1.3
ORkeriowinroute_firewallMatch6.1.4
ORkeriowinroute_firewallMatch6.1.4_patch_1
ORkeriowinroute_firewallMatch6.1.4_patch_2
ORkeriowinroute_firewallMatch6.2
ORkeriowinroute_firewallMatch6.2.1
ORkeriowinroute_firewallMatch6.2.2
ORkeriowinroute_firewallMatch6.2.3
ORkeriowinroute_firewallMatch6.3.0
ORkeriowinroute_firewallMatch6.3.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| kerio | winroute_firewall | * | cpe:2.3:a:kerio:winroute_firewall:*:*:*:*:*:*:*:* |
| kerio | winroute_firewall | 5.0.1 | cpe:2.3:a:kerio:winroute_firewall:5.0.1:*:*:*:*:*:*:* |
| kerio | winroute_firewall | 5.0.2 | cpe:2.3:a:kerio:winroute_firewall:5.0.2:*:*:*:*:*:*:* |
| kerio | winroute_firewall | 5.0.3 | cpe:2.3:a:kerio:winroute_firewall:5.0.3:*:*:*:*:*:*:* |
| kerio | winroute_firewall | 5.0.4 | cpe:2.3:a:kerio:winroute_firewall:5.0.4:*:*:*:*:*:*:* |
| kerio | winroute_firewall | 5.0.5 | cpe:2.3:a:kerio:winroute_firewall:5.0.5:*:*:*:*:*:*:* |
| kerio | winroute_firewall | 5.0.6 | cpe:2.3:a:kerio:winroute_firewall:5.0.6:*:*:*:*:*:*:* |
| kerio | winroute_firewall | 5.0.7 | cpe:2.3:a:kerio:winroute_firewall:5.0.7:*:*:*:*:*:*:* |
| kerio | winroute_firewall | 5.0.8 | cpe:2.3:a:kerio:winroute_firewall:5.0.8:*:*:*:*:*:*:* |
| kerio | winroute_firewall | 5.0.9 | cpe:2.3:a:kerio:winroute_firewall:5.0.9:*:*:*:*:*:*:* |
Related
prion
prion
Authentication flaw
2007-12-15 02:46:00
cvelist
cvelist
CVE-2007-6385
2007-12-15 02:00:00
nvd
nvd
CVE-2007-6385
2007-12-15 02:46:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.9
Confidence
Low
EPSS
0.001
Percentile
30.8%
Related for CVE-2007-6385