CVE-2007-0310
Severity Score
5.3
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
BMC Remedy Action Request System 5.01.02 Patch 1267 generates different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to determine valid account names.
BMC Remedy Action Request System 5.01.02 Patch 1267 genera diversos mensajes de error para las tentativas falladas de conexión con un username válido que para éstos con un username inválido, lo que permite que los atacantes remotos que determinen nombres de usuario válidos.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-01-17 CVE Reserved
- 2007-01-18 CVE Published
- 2024-08-07 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/31658 | Vdb Entry | |
| http://securityreason.com/securityalert/2162 | Third Party Advisory | |
| http://securitytracker.com/id?1017515 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/456949/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/457078/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/22066 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/0204 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/31527 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/23775 | 2018-10-16 | |
| http://www.alighieri.org/advisories/advisory-remedy50102.txt | 2018-10-16 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Bmc Search vendor "Bmc" | Remedy Action Request System Search vendor "Bmc" for product "Remedy Action Request System" | 5.01.02_patch_1267 Search vendor "Bmc" for product "Remedy Action Request System" and version "5.01.02_patch_1267" | - |
Affected
| ||||||