CVE-2007-2590

{"id": "CVE-2007-2590", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-05-11T04:20:00.000", "references": [{"url": "http://osvdb.org/34514", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25212", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/2689", "source": "cve@mitre.org"}, {"url": "http://www.sec-consult.com/289.html", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/468048/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/1727", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/34514", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/25212", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/2689", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.sec-consult.com/289.html", "tags": ["Exploit", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/468048/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/1727", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allows remote attackers to obtain user names and other sensitive information via a direct request to (1) usrmgr/userList.asp or (2) usrmgr/userStatusList.asp."}, {"lang": "es", "value": "Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107 y 6.6.2.2, posiblemente involucrando al Novell Groupwise Mobile Server y al Nokia Intellisync Wireless Email Express, permite a atacantes remotos obtener nombres de usuario y otra informaci\u00f3n sensible mediante una petici\u00f3n directa al (1) usrmgr/userList.asp o (2) al usrmgr/userStatusList.asp."}], "lastModified": "2024-11-21T00:31:10.203", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nokia:groupwise_mobile_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49230DA2-0B09-42BF-811B-1CCF56181FBC"}, {"criteria": "cpe:2.3:a:nokia:intellisync_mobile_suite:6.4.31.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3E0EF3B-D4F6-4300-949B-F80285C43CAB"}, {"criteria": "cpe:2.3:a:nokia:intellisync_mobile_suite:6.6.0.107:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB300678-04E7-4F6B-AE43-8931C2FF5F40"}, {"criteria": "cpe:2.3:a:nokia:intellisync_mobile_suite:6.6.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1795FDF-D272-476F-85FA-D57A474CA3F5"}, {"criteria": "cpe:2.3:a:nokia:intellisync_wireless_email_express:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75F41ABD-B71D-48B3-B911-8F0ED1BA8A83"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}