CVE-2007-1338
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The default configuration of the AirPort utility in Apple AirPort Extreme creates an IPv6 tunnel but does not enable the "Block incoming IPv6 connections" setting, which might allow remote attackers to bypass intended access restrictions by establishing IPv6 sessions that would have been rejected over IPv4.
La configuración por defecto de la utilidad AirPort en Apple AirPort Extreme crea un túnel IPv6 pero no habilita la propiedad "Bloquear conexiones entrantes IPv6", lo cual podría permitir a atacantes remotos evitar restricciones de acceso intencionadas estableciendo sesiones IPv6 que serían rechazadas en IPv4.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-03-07 CVE Reserved
- 2007-03-07 CVE Published
- 2024-02-16 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://arstechnica.com/journals/apple.ars/2007/2/14/7063 | X_refsource_misc | |
| http://docs.info.apple.com/article.html?artnum=305366 | X_refsource_confirm | |
| http://osvdb.org/34843 | Vdb Entry | |
| http://secunia.com/advisories/24830 | Third Party Advisory | |
| http://www.securitytracker.com/id?1017889 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/1308 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33526 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2007/Apr/msg00000.html | 2017-07-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apple Search vendor "Apple" | Airport Extreme Search vendor "Apple" for product "Airport Extreme" | 7.1 Search vendor "Apple" for product "Airport Extreme" and version "7.1" | - |
Affected
| ||||||