CVE-2007-1913

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

La función TRUSTED_SYSTEM_SECURITY en la SAP RFC Library 6.40 y 7.00 anterior al 11/12/2006 permite a atacantes remotos verificar la existencia de usuarios y grupos en sistemas y dominios mediante vectores no especificados, una vulnerabilidad diferente que CVE-2006-6010. NOTA: esta información está basada en revelaciones iniciales imprecisas. Los detalles serán actualizados cuando termine el periodo de gracia.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2007-04-10 CVE Reserved
2007-04-10 CVE Published
2024-08-07 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (7)

URL	Tag	Source
http://secunia.com/advisories/24722	Third Party Advisory
http://securityreason.com/securityalert/2535	Third Party Advisory
http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_TRUSTED_SYSTEM_SECURITY_RFC_Function_Information_Disclosure.pdf	X_refsource_misc
http://www.securityfocus.com/archive/1/464669/100/0/threaded	Mailing List
http://www.vupen.com/english/advisories/2007/1270	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/33423	Vdb Entry

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://www.securityfocus.com/bid/23305	2021-09-22

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	6.4 Search vendor "Sap" for product "Rfc Library" and version "6.4"	-	Affected	in	Ibm Search vendor "Ibm"	Racf Search vendor "Ibm" for product "Racf"	-	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	6.4 Search vendor "Sap" for product "Rfc Library" and version "6.4"	-	Affected	in	Apple Search vendor "Apple"	Macos Search vendor "Apple" for product "Macos"	*	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	6.4 Search vendor "Sap" for product "Rfc Library" and version "6.4"	-	Affected	in	Hp Search vendor "Hp"	Hp-ux Search vendor "Hp" for product "Hp-ux"	*	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	6.4 Search vendor "Sap" for product "Rfc Library" and version "6.4"	-	Affected	in	Hp Search vendor "Hp"	Tru64 Search vendor "Hp" for product "Tru64"	*	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	6.4 Search vendor "Sap" for product "Rfc Library" and version "6.4"	-	Affected	in	Ibm Search vendor "Ibm"	Aix Search vendor "Ibm" for product "Aix"	*	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	6.4 Search vendor "Sap" for product "Rfc Library" and version "6.4"	-	Affected	in	Ibm Search vendor "Ibm"	Os 400 Search vendor "Ibm" for product "Os 400"	gold Search vendor "Ibm" for product "Os 400" and version "gold"	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	6.4 Search vendor "Sap" for product "Rfc Library" and version "6.4"	-	Affected	in	Ibm Search vendor "Ibm"	Os 400 Search vendor "Ibm" for product "Os 400"	v5r2m0 Search vendor "Ibm" for product "Os 400" and version "v5r2m0"	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	6.4 Search vendor "Sap" for product "Rfc Library" and version "6.4"	-	Affected	in	Linux Search vendor "Linux"	Linux Kernel Search vendor "Linux" for product "Linux Kernel"	*	ia32_64-bit	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	6.4 Search vendor "Sap" for product "Rfc Library" and version "6.4"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Server Search vendor "Microsoft" for product "Windows Server"	*	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	6.4 Search vendor "Sap" for product "Rfc Library" and version "6.4"	-	Affected	in	Siemens Search vendor "Siemens"	Reliant Unix Search vendor "Siemens" for product "Reliant Unix"	*	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	6.4 Search vendor "Sap" for product "Rfc Library" and version "6.4"	-	Affected	in	Sun Search vendor "Sun"	Solaris Search vendor "Sun" for product "Solaris"	*	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	7.0 Search vendor "Sap" for product "Rfc Library" and version "7.0"	-	Affected	in	Ibm Search vendor "Ibm"	Racf Search vendor "Ibm" for product "Racf"	-	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	7.0 Search vendor "Sap" for product "Rfc Library" and version "7.0"	-	Affected	in	Apple Search vendor "Apple"	Macos Search vendor "Apple" for product "Macos"	*	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	7.0 Search vendor "Sap" for product "Rfc Library" and version "7.0"	-	Affected	in	Hp Search vendor "Hp"	Hp-ux Search vendor "Hp" for product "Hp-ux"	*	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	7.0 Search vendor "Sap" for product "Rfc Library" and version "7.0"	-	Affected	in	Hp Search vendor "Hp"	Tru64 Search vendor "Hp" for product "Tru64"	*	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	7.0 Search vendor "Sap" for product "Rfc Library" and version "7.0"	-	Affected	in	Ibm Search vendor "Ibm"	Aix Search vendor "Ibm" for product "Aix"	*	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	7.0 Search vendor "Sap" for product "Rfc Library" and version "7.0"	-	Affected	in	Ibm Search vendor "Ibm"	Os 400 Search vendor "Ibm" for product "Os 400"	gold Search vendor "Ibm" for product "Os 400" and version "gold"	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	7.0 Search vendor "Sap" for product "Rfc Library" and version "7.0"	-	Affected	in	Ibm Search vendor "Ibm"	Os 400 Search vendor "Ibm" for product "Os 400"	v5r2m0 Search vendor "Ibm" for product "Os 400" and version "v5r2m0"	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	7.0 Search vendor "Sap" for product "Rfc Library" and version "7.0"	-	Affected	in	Linux Search vendor "Linux"	Linux Kernel Search vendor "Linux" for product "Linux Kernel"	*	ia32_64-bit	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	7.0 Search vendor "Sap" for product "Rfc Library" and version "7.0"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Server Search vendor "Microsoft" for product "Windows Server"	*	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	7.0 Search vendor "Sap" for product "Rfc Library" and version "7.0"	-	Affected	in	Siemens Search vendor "Siemens"	Reliant Unix Search vendor "Siemens" for product "Reliant Unix"	*	-	Safe
Sap Search vendor "Sap"	Rfc Library Search vendor "Sap" for product "Rfc Library"	7.0 Search vendor "Sap" for product "Rfc Library" and version "7.0"	-	Affected	in	Sun Search vendor "Sun"	Solaris Search vendor "Sun" for product "Solaris"	*	-	Safe