Lucene search

[email protected]NVD:CVE-2007-4152

HistoryAug 03, 2007 - 8:17 p.m.

CVE-2007-4152

2007-08-0320:17:00

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

High

EPSS

0.01

Percentile

83.9%

JSON

The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote attackers to conduct replay attacks by capturing and resending data from the DETAILS and PROCESS sections of a session that schedules an audit.

Affected configurations

Nvd

Node

visionsoftauditMatch12.4.0.0

VendorProductVersionCPE
visionsoftaudit12.4.0.0cpe:2.3:a:visionsoft:audit:12.4.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
visionsoft	audit	12.4.0.0	cpe:2.3:a:visionsoft:audit:12.4.0.0:::::::*

References

osvdb.org/46980

www.portcullis.co.uk/uplds/advisories/vareplay%2006_044.txt

www.securityfocus.com/bid/25153

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

High

EPSS

0.01

Percentile

83.9%

JSON

Related for NVD:CVE-2007-4152

prion1 cvelist1 cve1 openvas1