Lucene search

[email protected]CVE-2007-6267

HistoryDec 07, 2007 - 11:46 a.m.

CVE-2007-6267

2007-12-0711:46:00

CWE-255

[email protected]

web.nvd.nist.gov

citrix

edgesight

cve-2007-6267

database security

information exposure

configuration files

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Citrix EdgeSight 4.2 and 4.5 for Presentation Server, EdgeSight 4.2 and 4.5 for Endpoints, and EdgeSight for NetScaler 1.0 and 1.1 do not properly store database credentials in configuration files, which allows local users to obtain sensitive information.

Affected configurations

NVD

Node

citrixedgesight_for_endpointsMatch4.2

citrixedgesight_for_endpointsMatch4.5

citrixedgesight_for_netscalerMatch1.0

citrixedgesight_for_netscalerMatch1.1

citrixedgesight_for_presentation_serverMatch4.2

citrixedgesight_for_presentation_serverMatch4.5

CPENameOperatorVersion
citrix:edgesight_for_endpointscitrix edgesight for endpointseq4.2
citrix:edgesight_for_endpointscitrix edgesight for endpointseq4.5
citrix:edgesight_for_netscalercitrix edgesight for netscalereq1.0
citrix:edgesight_for_netscalercitrix edgesight for netscalereq1.1
citrix:edgesight_for_presentation_servercitrix edgesight for presentation servereq4.2
citrix:edgesight_for_presentation_servercitrix edgesight for presentation servereq4.5

CPE	Name	Operator	Version
citrix:edgesight_for_endpoints	citrix edgesight for endpoints	eq	4.2
citrix:edgesight_for_endpoints	citrix edgesight for endpoints	eq	4.5
citrix:edgesight_for_netscaler	citrix edgesight for netscaler	eq	1.0
citrix:edgesight_for_netscaler	citrix edgesight for netscaler	eq	1.1
citrix:edgesight_for_presentation_server	citrix edgesight for presentation server	eq	4.2
citrix:edgesight_for_presentation_server	citrix edgesight for presentation server	eq	4.5

References

secunia.com/advisories/27935

support.citrix.com/article/CTX115281

www.securityfocus.com/bid/26705

www.securitytracker.com/id?1019050

www.vupen.com/english/advisories/2007/4091

exchange.xforce.ibmcloud.com/vulnerabilities/38861

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2007-6267

cvelist1 prion1 nvd1