// For flags

CVE-2007-6334

 

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attackers to gain privileges.

Ingres 2.5 y 2.6 para Windows, usados en mĂșltiples productos CA y posiblemente otros, asigna los privilegios y la identidad de los usuarios para que sean la misma que el primer usuario, lo cual permite a atacantes remotos obtener privilegios.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-12-13 CVE Reserved
  • 2007-12-20 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-10-23 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Ingres
Search vendor "Ingres"
Ingres
Search vendor "Ingres" for product "Ingres"
2.5
Search vendor "Ingres" for product "Ingres" and version "2.5"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows Nt
Search vendor "Microsoft" for product "Windows Nt"
*-
Safe
Ingres
Search vendor "Ingres"
Ingres
Search vendor "Ingres" for product "Ingres"
2.6
Search vendor "Ingres" for product "Ingres" and version "2.6"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows Nt
Search vendor "Microsoft" for product "Windows Nt"
*-
Safe