ID CVE-2007-4160
Summary The default configuration of TIBCO Rendezvous (RV) 7.5.2 clients, when -no-multicast is omitted, uses a multicast group as the destination for a network message, which might make it easier for remote attackers to capture message contents by sniffing the network.
References
Vulnerable Configurations
  • cpe:2.3:a:tibco:rendezvous:7.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:rendezvous:7.5.2:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 08-03-2011 - 02:57)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
fulldisc 20070730 Security Testing Enterprise Messaging Systems
misc http://www.irmplc.com/content/pdfs/Security_Testing_Enterprise_Messaging_Systems.pdf
osvdb 46992
sectrack 1018512
vupen ADV-2007-2814
Last major update 08-03-2011 - 02:57
Published 03-08-2007 - 21:17
Last modified 08-03-2011 - 02:57
Back to Top