Lucene search

[email protected]NVD:CVE-2007-6098

HistoryNov 22, 2007 - 12:46 a.m.

CVE-2007-6098

2007-11-2200:46:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.003

Percentile

66.0%

JSON

Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log truncated (1) ICMP, (2) UDP, and (3) TCP packets, which has unknown impact and remote attack vectors; and do not log (4) serial-console login attempts with nonexistent usernames, which might make it easier for attackers with physical access to guess valid login credentials while avoiding detection.

Affected configurations

Nvd

Node

ingateingate_firewallRange≤4.5.2

ingateingate_siparatorRange≤4.5.2

VendorProductVersionCPE
ingateingate_firewall*cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*
ingateingate_siparator*cpe:2.3:h:ingate:ingate_siparator:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ingate	ingate_firewall	*	cpe:2.3:h:ingate:ingate_firewall::::::::
ingate	ingate_siparator	*	cpe:2.3:h:ingate:ingate_siparator::::::::

References

www.ingate.com/relnote-460.php

www.securityfocus.com/bid/26486

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.003

Percentile

66.0%

JSON

Related for NVD:CVE-2007-6098

prion1 cvelist1 cve1