CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
83.4%
Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources.
Vendor | Product | Version | CPE |
---|---|---|---|
ingate | ingate_firewall | 3.2 | cpe:2.3:h:ingate:ingate_firewall:3.2:*:*:*:*:*:*:* |
ingate | ingate_firewall | 3.2.1 | cpe:2.3:h:ingate:ingate_firewall:3.2.1:*:*:*:*:*:*:* |
ingate | ingate_firewall | 3.3.1 | cpe:2.3:h:ingate:ingate_firewall:3.3.1:*:*:*:*:*:*:* |
ingate | ingate_firewall | 4.1.3 | cpe:2.3:h:ingate:ingate_firewall:4.1.3:*:*:*:*:*:*:* |