ID CVE-2007-4159
Summary index.html in the HTTP administration interface in certain daemons in TIBCO Rendezvous (RV) 7.5.2 allows remote attackers to obtain sensitive information, such as a user name and IP addresses, via a direct request.
References
Vulnerable Configurations
  • cpe:2.3:a:tibco:rendezvous:7.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:rendezvous:7.5.2:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 08-03-2011 - 02:57)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
fulldisc 20070730 Security Testing Enterprise Messaging Systems
misc http://www.irmplc.com/content/pdfs/Security_Testing_Enterprise_Messaging_Systems.pdf
osvdb 46993
sectrack 1018512
vupen ADV-2007-2814
Last major update 08-03-2011 - 02:57
Published 03-08-2007 - 21:17
Last modified 08-03-2011 - 02:57
Back to Top