CVE-2007-0433

Sažetak

Unspecified vulnerability in BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2, when using Active Directory LDAP for authentication, allows remote authenticated users to access the server even after the account has been disabled.

Reference

http://dev2dev.bea.com/pub/advisory/221
http://osvdb.org/32861
http://secunia.com/advisories/23786
http://securitytracker.com/id?1017524
http://www.securityfocus.com/bid/22082

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

13-11-2008 - 06:31

Objavljeno

23-01-2007 - 02:28