Lucene search

[email protected]NVD:CVE-2007-1249

HistoryMar 03, 2007 - 8:19 p.m.

CVE-2007-1249

2007-03-0320:19:00

CWE-362

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.026 Low

EPSS

Percentile

90.3%

JSON

MoveSortedContentAction in C1 Financial Services Contelligent 9.1.4 does not check “the additional environment security configuration,” which allows remote attackers with write permissions to reorder components.

Affected configurations

NVD

Node

contelligentc1_financial_servicesMatch9.1.4

References

osvdb.org/33497

secunia.com/advisories/24364

www.contelligent.com/contell/cms/c1web/contelligent/site/contelligent/changelog.html?fromRelease=9.1.4

www.securityfocus.com/bid/22785

www.vupen.com/english/advisories/2007/0814

exchange.xforce.ibmcloud.com/vulnerabilities/32775

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.026 Low

EPSS

Percentile

90.3%

JSON

Related for NVD:CVE-2007-1249

cve1 cvelist1 prion1 securityvulns1