Lucene search

[email protected]NVD:CVE-2009-1634

HistoryMay 26, 2009 - 3:30 p.m.

CVE-2009-1634

2009-05-2615:30:05

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.213

Percentile

96.5%

JSON

The WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 does not properly implement session management mechanisms, which allows remote attackers to gain access to user accounts via unspecified vectors.

Affected configurations

Nvd

Node

novellgroupwiseMatch7.0

novellgroupwiseMatch7.0.0sp1

novellgroupwiseMatch7.0.0sp2

novellgroupwiseMatch7.0.2

novellgroupwiseMatch7.0.3

novellgroupwiseMatch7.03hp1a

novellgroupwiseMatch7.03hp2

novellgroupwiseMatch8.0

novellgroupwiseMatch8.0hp1

VendorProductVersionCPE
novellgroupwise7.0cpe:2.3:a:novell:groupwise:7.0:*:*:*:*:*:*:*
novellgroupwise7.0.0cpe:2.3:a:novell:groupwise:7.0.0:sp1:*:*:*:*:*:*
novellgroupwise7.0.0cpe:2.3:a:novell:groupwise:7.0.0:sp2:*:*:*:*:*:*
novellgroupwise7.0.2cpe:2.3:a:novell:groupwise:7.0.2:*:*:*:*:*:*:*
novellgroupwise7.0.3cpe:2.3:a:novell:groupwise:7.0.3:*:*:*:*:*:*:*
novellgroupwise7.03cpe:2.3:a:novell:groupwise:7.03:hp1a:*:*:*:*:*:*
novellgroupwise7.03cpe:2.3:a:novell:groupwise:7.03:hp2:*:*:*:*:*:*
novellgroupwise8.0cpe:2.3:a:novell:groupwise:8.0:*:*:*:*:*:*:*
novellgroupwise8.0cpe:2.3:a:novell:groupwise:8.0:hp1:*:*:*:*:*:*

Vendor	Product	Version	CPE
novell	groupwise	7.0	cpe:2.3:a:novell:groupwise:7.0:::::::*
novell	groupwise	7.0.0	cpe:2.3:a:novell:groupwise:7.0.0:sp1::::::
novell	groupwise	7.0.0	cpe:2.3:a:novell:groupwise:7.0.0:sp2::::::
novell	groupwise	7.0.2	cpe:2.3:a:novell:groupwise:7.0.2:::::::*
novell	groupwise	7.0.3	cpe:2.3:a:novell:groupwise:7.0.3:::::::*
novell	groupwise	7.03	cpe:2.3:a:novell:groupwise:7.03:hp1a::::::
novell	groupwise	7.03	cpe:2.3:a:novell:groupwise:7.03:hp2::::::
novell	groupwise	8.0	cpe:2.3:a:novell:groupwise:8.0:::::::*
novell	groupwise	8.0	cpe:2.3:a:novell:groupwise:8.0:hp1::::::

References

secunia.com/advisories/35177

www.novell.com/support/viewContent.do?externalId=7003266&sliceId=1

www.securityfocus.com/bid/35066

www.vupen.com/english/advisories/2009/1393

bugzilla.novell.com/show_bug.cgi?id=472979

exchange.xforce.ibmcloud.com/vulnerabilities/50688

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.213

Percentile

96.5%

JSON

Related for NVD:CVE-2009-1634

cve1 prion1 cvelist1 exploitdb1