Lucene search
HistoryDec 17, 2007 - 6:46 p.m.
CVE-2007-6408
ibm
tivoli
provisioning manager
express
information disclosure
vulnerability
cve-2007-6408
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
75.1%
IBM Tivoli Provisioning Manager Express provides unspecified information in error messages when (1) attempted duplication of a username occurs when creating an account or (2) when trying to login using a valid username, which makes it easier for remote attackers to enumerate usernames.
Affected configurations
Node
ibmtivoli_provisioning_manager_express
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm:tivoli_provisioning_manager_express | ibm tivoli provisioning manager express | eq | * |
Related
nvd
nvd
CVE-2007-6408
2007-12-17 18:46:00
cvelist
cvelist
CVE-2007-6408
2007-12-17 18:00:00
prion
prion
Default credentials
2007-12-17 18:46:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
75.1%
Related for CVE-2007-6408