CVE Vulnerability

CVE-2007-0434

BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2 does not properly set the severity level of audit events when the system load is high, which might make it easier for attackers to avoid detection.

4.6 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

References
Link Resource
http://dev2dev.bea.com/pub/advisory/220 Vendor Advisory
http://secunia.com/advisories/23786 Vendor Advisory
http://www.securityfocus.com/bid/22082
http://osvdb.org/32860
Configurations

Configuration 1

cpe:2.3:a:bea:aqualogic_enterprise_security:2.0:sp2:*:*:*:*:*:*
cpe:2.3:a:bea:aqualogic_enterprise_security:2.1:sp1:*:*:*:*:*:*
cpe:2.3:a:bea:aqualogic_enterprise_security:2.1:*:*:*:*:*:*:*
cpe:2.3:a:bea:aqualogic_enterprise_security:2.2:*:*:*:*:*:*:*
cpe:2.3:a:bea:aqualogic_enterprise_security:2.0:sp1:*:*:*:*:*:*
cpe:2.3:a:bea:aqualogic_enterprise_security:2.0:*:*:*:*:*:*:*
Information

Published : 2007-01-23 02:28

Updated : 2008-11-13 06:31

NVD link : CVE-2007-0434

Mitre link : CVE-2007-0434

Products Affected
No products.
CWE
NVD-CWE-Other