Lucene search
HistoryDec 15, 2007 - 2:46 a.m.
CVE-2007-6385
kerio winroute firewall
proxy server
authentication
https
cve-2007-6385
nvd
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6.9 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
26.7%
The proxy server in Kerio WinRoute Firewall before 6.4.1 does not properly enforce authentication for HTTPS pages, which has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.
Affected configurations
Node
keriowinroute_firewallRange≤6.4.0
ORkeriowinroute_firewallMatch5.0.1
ORkeriowinroute_firewallMatch5.0.2
ORkeriowinroute_firewallMatch5.0.3
ORkeriowinroute_firewallMatch5.0.4
ORkeriowinroute_firewallMatch5.0.5
ORkeriowinroute_firewallMatch5.0.6
ORkeriowinroute_firewallMatch5.0.7
ORkeriowinroute_firewallMatch5.0.8
ORkeriowinroute_firewallMatch5.0.9
ORkeriowinroute_firewallMatch5.1
ORkeriowinroute_firewallMatch5.1.1
ORkeriowinroute_firewallMatch5.1.2
ORkeriowinroute_firewallMatch5.1.3
ORkeriowinroute_firewallMatch5.1.4
ORkeriowinroute_firewallMatch5.1.5
ORkeriowinroute_firewallMatch5.1.6
ORkeriowinroute_firewallMatch5.1.7
ORkeriowinroute_firewallMatch5.1.8
ORkeriowinroute_firewallMatch5.1.9
ORkeriowinroute_firewallMatch5.1.10
ORkeriowinroute_firewallMatch5.10
ORkeriowinroute_firewallMatch6.0
ORkeriowinroute_firewallMatch6.0.1
ORkeriowinroute_firewallMatch6.0.2
ORkeriowinroute_firewallMatch6.0.3
ORkeriowinroute_firewallMatch6.0.4
ORkeriowinroute_firewallMatch6.0.5
ORkeriowinroute_firewallMatch6.0.6
ORkeriowinroute_firewallMatch6.0.7
ORkeriowinroute_firewallMatch6.0.8
ORkeriowinroute_firewallMatch6.0.9
ORkeriowinroute_firewallMatch6.0.11
ORkeriowinroute_firewallMatch6.1
ORkeriowinroute_firewallMatch6.1.1
ORkeriowinroute_firewallMatch6.1.2
ORkeriowinroute_firewallMatch6.1.3
ORkeriowinroute_firewallMatch6.1.4
ORkeriowinroute_firewallMatch6.1.4_patch_1
ORkeriowinroute_firewallMatch6.1.4_patch_2
ORkeriowinroute_firewallMatch6.2
ORkeriowinroute_firewallMatch6.2.1
ORkeriowinroute_firewallMatch6.2.2
ORkeriowinroute_firewallMatch6.2.3
ORkeriowinroute_firewallMatch6.3.0
ORkeriowinroute_firewallMatch6.3.1
Related
cvelist
cvelist
CVE-2007-6385
2007-12-15 02:00:00
prion
prion
Authentication flaw
2007-12-15 02:46:00
nvd
nvd
CVE-2007-6385
2007-12-15 02:46:00
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6.9 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
26.7%
Related for CVE-2007-6385