CVE-2007-6408

{"id": "CVE-2007-6408", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-12-17T18:46:00.000", "references": [{"url": "http://securityreason.com/securityalert/3458", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/484607/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/26724", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38866", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/3458", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/484607/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/26724", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38866", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "IBM Tivoli Provisioning Manager Express provides unspecified information in error messages when (1) attempted duplication of a username occurs when creating an account or (2) when trying to login using a valid username, which makes it easier for remote attackers to enumerate usernames."}, {"lang": "es", "value": "IBM Tivoli Provisioning Manager Express proporciona informaci\u00f3n no especificada en mensajes de error cuando (1) se intenta duplicar un nombre de usuario al crear una cuenta \u00f3 (2) al introducir un nombre de usuario v\u00e1lido que facilita a atacantes remotos enumerar los nombre de usuario."}], "lastModified": "2024-11-21T00:40:05.097", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:tivoli_provisioning_manager_express:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D0FD4F9-F807-4E09-9A0D-C67C3BA1129B"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}