CVE-2007-1345

{"id": "CVE-2007-1345", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 2.7, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2007-03-10T19:19:00.000", "references": [{"url": "http://secunia.com/advisories/24441", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/2404", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/32722", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/462312/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/22885", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1017740", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/0885", "source": "cve@mitre.org"}, {"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=35145", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32887", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24441", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/2404", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/32722", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/462312/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/22885", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1017740", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/0885", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=35145", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32887", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in cube.exe in the GINA component for CA (Computer Associates) eTrust Admin 8.1.0 through 8.1.2 allows attackers with physical interactive or Remote Desktop access to bypass authentication and gain privileges via the password reset interface."}, {"lang": "es", "value": "Vulnerabilidad no especificada en cube.exe del componente GIN para CA (Computer Associates) eTrust Admin 8.1.0 hasta 8.1.2 permite a atacantes con acceso f\u00edsico interactivo o Escritorio Remoto evitar la autenticaci\u00f3n y obtener privilegios a trav\u00e9s de la interfaz de restauraci\u00f3n de contrase\u00f1a."}], "lastModified": "2024-11-21T00:28:04.533", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08594EFB-E04B-42E8-BE00-C3ACDB62BA4C"}, {"criteria": "cpe:2.3:a:broadcom:etrust_admin:8.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "137F8204-5A6D-436E-8760-3E0F91A2D2A7"}, {"criteria": "cpe:2.3:a:broadcom:etrust_admin:8.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C362B251-6063-473E-B0AF-4D57BE1D3C7D"}], "operator": "OR"}]}], "evaluatorComment": "This vulnerability has been addressed by the vendor with the following product patch: ftp://ftp.ca.com/pub/etrust/etradm/ETRADM81SP2/CR_Manual_Updates-8.1sp2-CR6-070301.zip", "sourceIdentifier": "cve@mitre.org"}