Lucene search
HistoryJan 23, 2007 - 2:28 a.m.
CVE-2007-0432
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.015
Percentile
87.1%
BEA AquaLogic Service Bus 2.0, 2.1, and 2.5 does not properly reject malformed request messages to a proxy service, which might allow remote attackers to bypass authorization policies and route requests to back-end services or conduct other unauthorized activities.
Affected configurations
Node
beaaqualogic_service_busMatch2.0
ORbeaaqualogic_service_busMatch2.1
ORbeaaqualogic_service_busMatch2.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| bea | aqualogic_service_bus | 2.0 | cpe:2.3:a:bea:aqualogic_service_bus:2.0:*:*:*:*:*:*:* |
| bea | aqualogic_service_bus | 2.1 | cpe:2.3:a:bea:aqualogic_service_bus:2.1:*:*:*:*:*:*:* |
| bea | aqualogic_service_bus | 2.5 | cpe:2.3:a:bea:aqualogic_service_bus:2.5:*:*:*:*:*:*:* |
Related
prion
prion
Authorization
2007-01-23 02:28:00
cvelist
cvelist
CVE-2007-0432
2007-01-23 02:00:00
cve
cve
CVE-2007-0432
2007-01-23 02:28:00
securityvulns
securityvulns
BEA WebLogic / AquaLogic multiple security vulnerabilities
2007-02-02 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.015
Percentile
87.1%
Related for NVD:CVE-2007-0432