Lucene search

[email protected]CVE-2007-4319

HistoryAug 13, 2007 - 9:17 p.m.

CVE-2007-4319

2007-08-1321:17:00

[email protected]

web.nvd.nist.gov

zyxel

zywall 2

firmware

vulnerability

denial of service

nvd

cve-2007-4319

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.2%

JSON

The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allows remote authenticated administrators to cause a denial of service (infinite reboot loop) via invalid configuration data. NOTE: this issue might not cross privilege boundaries, and it might be resultant from CSRF; if so, then it should not be included in CVE.

Affected configurations

NVD

Node

zyxelzynosMatch3.62

zyxelzywall_2

CPENameOperatorVersion
zyxel:zynoszyxel zynoseq3.62
zyxel:zywall_2zyxel zywall 2eq*

CPE	Name	Operator	Version
zyxel:zynos	zyxel zynos	eq	3.62
zyxel:zywall_2	zyxel zywall 2	eq	*

References

osvdb.org/42448

securityreason.com/securityalert/3002

www.louhi.fi/advisory/zyxel_070810.txt

www.securityfocus.com/archive/1/476031/100/0/threaded

www.securityfocus.com/bid/25262

exchange.xforce.ibmcloud.com/vulnerabilities/35941

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.2%

JSON

Related for CVE-2007-4319

nvd1 prion1 cvelist1