Lucene search

[email protected]NVD:CVE-2007-3581

HistoryJul 05, 2007 - 8:30 p.m.

CVE-2007-3581

2007-07-0520:30:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.004

Percentile

73.8%

JSON

The Jedox Palo 1.5 client transmits the password in cleartext, which might allow remote attackers to obtain the password by sniffing the network, as demonstrated by starting Excel with the Palo plugin, opening a cube, and performing an Insert View.

Affected configurations

Nvd

Node

jedoxpaloMatch1.5

VendorProductVersionCPE
jedoxpalo1.5cpe:2.3:a:jedox:palo:1.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
jedox	palo	1.5	cpe:2.3:a:jedox:palo:1.5:::::::*

References

85.10.222.122/mantis/public_show_bug.php?bug_id=452

osvdb.org/45754

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.004

Percentile

73.8%

JSON

Related for NVD:CVE-2007-3581

prion1 cvelist1 cve1