Lucene search
HistoryDec 13, 2007 - 7:46 p.m.
CVE-2007-6330
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.5
Confidence
Low
EPSS
0.01
Percentile
84.0%
Meridian Prolog Manager 2007, and 7.5 and earlier, sends all usernames and passwords to the client in a (1) cleartext or (2) weakly encrypted format to support client-side login authentication, which makes it easier for remote attackers to obtain database access by capturing credentials via a man-in-the-middle attack.
Affected configurations
Node
meridian_softwareprolog_managerMatch7.0
ORmeridian_softwareprolog_managerMatch7.5
ORmeridian_softwareprolog_managerMatch2007
| Vendor | Product | Version | CPE |
|---|---|---|---|
| meridian_software | prolog_manager | 7.0 | cpe:2.3:a:meridian_software:prolog_manager:7.0:*:*:*:*:*:*:* |
| meridian_software | prolog_manager | 7.5 | cpe:2.3:a:meridian_software:prolog_manager:7.5:*:*:*:*:*:*:* |
| meridian_software | prolog_manager | 2007 | cpe:2.3:a:meridian_software:prolog_manager:2007:*:*:*:*:*:*:* |
Related
cert
cert
cvelist
cvelist
CVE-2007-6330
2007-12-13 19:00:00
cve
cve
CVE-2007-6330
2007-12-13 19:46:00
prion
prion
Code injection
2007-12-13 19:46:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.5
Confidence
Low
EPSS
0.01
Percentile
84.0%
Related for NVD:CVE-2007-6330