5
CVE-2007-6197
- EPSS 1.58%
- Veröffentlicht 01.12.2007 06:46:00
- Zuletzt bearbeitet 16.06.2026 22:47:35
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows remote attackers to obtain version numbers and internal hostnames by reading comments in the HTML source of any page.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Bea ≫ Aqualogic Interaction Version5.0.2
Bea ≫ Aqualogic Interaction Version5.0.3
Bea ≫ Aqualogic Interaction Version5.0.4
Bea ≫ Aqualogic Interaction Version6.0.1.218452
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.58% | 0.724 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
http://procheckup.com/Vulnerability_PR06-08.php
http://procheckup.com/Vulnerability_PR06-09.php
http://secunia.com/advisories/27840
http://www.securityfocus.com/archive/1/484467/100/0/threaded
http://www.securitytracker.com/id?1019005
http://www.vupen.com/english/advisories/2007/4040