CVE-2007-0434
Severity Score
4.6
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2 does not properly set the severity level of audit events when the system load is high, which might make it easier for attackers to avoid detection.
BEA AquaLogic Enterprise Security 2.0 hasta 2.0 SP2, 2.1 hasta 2.1 SP1, y 2.2 no configura adecuadamente el nivel de seguridad de los eventos de auditoría cuando la carga del sistema es alta, lo cual podría facilitar a los atacantes evitar la detección.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-01-22 CVE Reserved
- 2007-01-23 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/32860 | Vdb Entry | |
| http://www.securityfocus.com/bid/22082 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://dev2dev.bea.com/pub/advisory/220 | 2008-11-13 | |
| http://secunia.com/advisories/23786 | 2008-11-13 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Bea Search vendor "Bea" | Aqualogic Enterprise Security Search vendor "Bea" for product "Aqualogic Enterprise Security" | 2.0 Search vendor "Bea" for product "Aqualogic Enterprise Security" and version "2.0" | - |
Affected
| ||||||
| Bea Search vendor "Bea" | Aqualogic Enterprise Security Search vendor "Bea" for product "Aqualogic Enterprise Security" | 2.0 Search vendor "Bea" for product "Aqualogic Enterprise Security" and version "2.0" | sp1 |
Affected
| ||||||
| Bea Search vendor "Bea" | Aqualogic Enterprise Security Search vendor "Bea" for product "Aqualogic Enterprise Security" | 2.0 Search vendor "Bea" for product "Aqualogic Enterprise Security" and version "2.0" | sp2 |
Affected
| ||||||
| Bea Search vendor "Bea" | Aqualogic Enterprise Security Search vendor "Bea" for product "Aqualogic Enterprise Security" | 2.1 Search vendor "Bea" for product "Aqualogic Enterprise Security" and version "2.1" | - |
Affected
| ||||||
| Bea Search vendor "Bea" | Aqualogic Enterprise Security Search vendor "Bea" for product "Aqualogic Enterprise Security" | 2.1 Search vendor "Bea" for product "Aqualogic Enterprise Security" and version "2.1" | sp1 |
Affected
| ||||||
| Bea Search vendor "Bea" | Aqualogic Enterprise Security Search vendor "Bea" for product "Aqualogic Enterprise Security" | 2.2 Search vendor "Bea" for product "Aqualogic Enterprise Security" and version "2.2" | - |
Affected
| ||||||