Lucene search

MitreCVE-2007-3095

HistoryJun 06, 2007 - 10:30 p.m.

CVE-2007-3095

2007-06-0622:30:00

mitre

web.nvd.nist.gov

symantec

reporting server

cve-2007-3095

authentication bypass

security vulnerability

nvd

sav ce

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

0.003

Percentile

68.8%

JSON

Unspecified vulnerability in Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, allows attackers to “disable the authentication system” and bypass authentication via unknown vectors.

Affected configurations

Nvd

Node

symantecclient_securityMatch3.1

symantecclient_securityMatch3.1.394

symantecclient_securityMatch3.1.396

symantecclient_securityMatch3.1.400

symantecclient_securityMatch3.1.401

symantecnorton_antivirusMatch10.0.2.2021corporate

symantecnorton_antivirusMatch10.1corporate

symantecnorton_antivirusMatch10.1.396corporate

symantecnorton_antivirusMatch10.1.400corporate

symantecnorton_antivirusMatch10.1.401corporate

symantecreporting_serverRange≤1.0.197.0

VendorProductVersionCPE
symantecclient_security3.1cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*
symantecclient_security3.1.394cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*
symantecclient_security3.1.396cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*
symantecclient_security3.1.400cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*
symantecclient_security3.1.401cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*
symantecnorton_antivirus10.0.2.2021cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*
symantecnorton_antivirus10.1cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*
symantecnorton_antivirus10.1.396cpe:2.3:a:symantec:norton_antivirus:10.1.396:*:corporate:*:*:*:*:*
symantecnorton_antivirus10.1.400cpe:2.3:a:symantec:norton_antivirus:10.1.400:*:corporate:*:*:*:*:*
symantecnorton_antivirus10.1.401cpe:2.3:a:symantec:norton_antivirus:10.1.401:*:corporate:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	client_security	3.1	cpe:2.3:a:symantec:client_security:3.1:::::::*
symantec	client_security	3.1.394	cpe:2.3:a:symantec:client_security:3.1.394:::::::*
symantec	client_security	3.1.396	cpe:2.3:a:symantec:client_security:3.1.396:::::::*
symantec	client_security	3.1.400	cpe:2.3:a:symantec:client_security:3.1.400:::::::*
symantec	client_security	3.1.401	cpe:2.3:a:symantec:client_security:3.1.401:::::::*
symantec	norton_antivirus	10.0.2.2021	cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021::corporate:::::
symantec	norton_antivirus	10.1	cpe:2.3:a:symantec:norton_antivirus:10.1::corporate:::::
symantec	norton_antivirus	10.1.396	cpe:2.3:a:symantec:norton_antivirus:10.1.396::corporate:::::
symantec	norton_antivirus	10.1.400	cpe:2.3:a:symantec:norton_antivirus:10.1.400::corporate:::::
symantec	norton_antivirus	10.1.401	cpe:2.3:a:symantec:norton_antivirus:10.1.401::corporate:::::

Rows per page:

1-10 of 111

References

osvdb.org/36107

secunia.com/advisories/25543

www.securityfocus.com/bid/24325

www.securitytracker.com/id?1018196

www.symantec.com/avcenter/security/Content/2007.06.05.html

www.vupen.com/english/advisories/2007/2074

exchange.xforce.ibmcloud.com/vulnerabilities/34895

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

0.003

Percentile

68.8%

JSON

Related for CVE-2007-3095