CVE-2007-6267

{"id": "CVE-2007-6267", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-12-07T11:46:00.000", "references": [{"url": "http://secunia.com/advisories/27935", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://support.citrix.com/article/CTX115281", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/26705", "tags": ["Exploit", "Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1019050", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/4091", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38861", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/27935", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://support.citrix.com/article/CTX115281", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/26705", "tags": ["Exploit", "Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1019050", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/4091", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38861", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-255"}]}], "descriptions": [{"lang": "en", "value": "Citrix EdgeSight 4.2 and 4.5 for Presentation Server, EdgeSight 4.2 and 4.5 for Endpoints, and EdgeSight for NetScaler 1.0 and 1.1 do not properly store database credentials in configuration files, which allows local users to obtain sensitive information."}, {"lang": "es", "value": "Vulnerabilidad en Citrix EdgeSight 4.2 y 4.5 para Presentation Server, EdgeSight 4.2 y 4.5 para Endpoints, y EdgeSight para NetScaler 1.0 y 1.1 . No guardan correctamente los credenciales de la base de datos en archivos de configuraci\u00f3n, lo que permite que un usuario local pueda obtener informaci\u00f3n sensible."}], "lastModified": "2024-11-21T00:39:44.290", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:citrix:edgesight_for_endpoints:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A51F3443-CC16-40A2-8A43-5E2A6DA1C68B"}, {"criteria": "cpe:2.3:a:citrix:edgesight_for_endpoints:4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3807F821-1E3B-4E52-8E14-A6F22DA28D06"}, {"criteria": "cpe:2.3:a:citrix:edgesight_for_netscaler:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03B79B3B-A526-496F-84F1-9855C1F1A67D"}, {"criteria": "cpe:2.3:a:citrix:edgesight_for_netscaler:1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B62588DC-6A3B-4A5D-A822-15268C209696"}, {"criteria": "cpe:2.3:a:citrix:edgesight_for_presentation_server:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "079DDF6A-305E-4775-B07D-24F222782160"}, {"criteria": "cpe:2.3:a:citrix:edgesight_for_presentation_server:4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FF901DE-4F7B-49A1-A4B9-31FEDF559BFA"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}