CVE-2007-6267
Published Dec 7, 2007
Last updated 7 years ago
Overview
- Description
- Citrix EdgeSight 4.2 and 4.5 for Presentation Server, EdgeSight 4.2 and 4.5 for Endpoints, and EdgeSight for NetScaler 1.0 and 1.1 do not properly store database credentials in configuration files, which allows local users to obtain sensitive information.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-255
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:edgesight_for_endpoints:4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A51F3443-CC16-40A2-8A43-5E2A6DA1C68B"
},
{
"criteria": "cpe:2.3:a:citrix:edgesight_for_endpoints:4.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3807F821-1E3B-4E52-8E14-A6F22DA28D06"
},
{
"criteria": "cpe:2.3:a:citrix:edgesight_for_netscaler:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03B79B3B-A526-496F-84F1-9855C1F1A67D"
},
{
"criteria": "cpe:2.3:a:citrix:edgesight_for_netscaler:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B62588DC-6A3B-4A5D-A822-15268C209696"
},
{
"criteria": "cpe:2.3:a:citrix:edgesight_for_presentation_server:4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "079DDF6A-305E-4775-B07D-24F222782160"
},
{
"criteria": "cpe:2.3:a:citrix:edgesight_for_presentation_server:4.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3FF901DE-4F7B-49A1-A4B9-31FEDF559BFA"
}
],
"operator": "OR"
}
]
}
]