CVE-2007-6197
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows remote attackers to obtain version numbers and internal hostnames by reading comments in the HTML source of any page.
El portal Plumtree de BEA AquaLogic Interaction, de la versión 5.0.2 a la 5.0.4, y la 6.0.1.218452, permite que atacantes remotos obtengan números de versión y nombres de máquinas internas, leyendo los comentarios en el código HTML de cualquiera de sus páginas.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-11-30 CVE Reserved
- 2007-12-01 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2024-11-11 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/archive/1/484467/100/0/threaded | Mailing List | |
| http://www.securitytracker.com/id?1019005 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/4040 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| http://procheckup.com/Vulnerability_PR06-08.php | 2024-08-07 | |
| http://procheckup.com/Vulnerability_PR06-09.php | 2024-08-07 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/27840 | 2018-10-15 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Bea Search vendor "Bea" | Aqualogic Interaction Search vendor "Bea" for product "Aqualogic Interaction" | 5.0.2 Search vendor "Bea" for product "Aqualogic Interaction" and version "5.0.2" | - |
Affected
| ||||||
| Bea Search vendor "Bea" | Aqualogic Interaction Search vendor "Bea" for product "Aqualogic Interaction" | 5.0.3 Search vendor "Bea" for product "Aqualogic Interaction" and version "5.0.3" | - |
Affected
| ||||||
| Bea Search vendor "Bea" | Aqualogic Interaction Search vendor "Bea" for product "Aqualogic Interaction" | 5.0.4 Search vendor "Bea" for product "Aqualogic Interaction" and version "5.0.4" | - |
Affected
| ||||||
| Bea Search vendor "Bea" | Aqualogic Interaction Search vendor "Bea" for product "Aqualogic Interaction" | 6.0.1.218452 Search vendor "Bea" for product "Aqualogic Interaction" and version "6.0.1.218452" | - |
Affected
| ||||||