Lucene search
MitreCVE-2007-4043HistoryJul 27, 2007 - 10:30 p.m.
CVE-2007-4043
2007-07-2722:30:00
CWE-287
mitre
web.nvd.nist.gov
31
cve-2007-4043
file.cgi
secure computing securityreporter
network security analyzer
authentication bypass
traversal vulnerability
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.9
Confidence
Low
EPSS
0.002
Percentile
53.5%
file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) before 4.6.3 allows remote attackers to bypass authentication via a name parameter ending with a “%00.gif” sequence. NOTE: a separate traversal vulnerability could be leveraged to download arbitrary files.
Affected configurations
Node
securecomputingsecurityreporterRange≤4.6.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| securecomputing | securityreporter | * | cpe:2.3:a:securecomputing:securityreporter:*:*:*:*:*:*:*:* |
Related
prion
prion
Authentication flaw
2007-07-27 22:30:00
cvelist
cvelist
CVE-2007-4043
2007-07-27 22:00:00
nvd
nvd
CVE-2007-4043
2007-07-27 22:30:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.9
Confidence
Low
EPSS
0.002
Percentile
53.5%
Related for CVE-2007-4043