CVE-2007-6267

Published Dec 7, 2007

Last updated 8 years ago

CVSS info 2.1

Overview

Description: Citrix EdgeSight 4.2 and 4.5 for Presentation Server, EdgeSight 4.2 and 4.5 for Endpoints, and EdgeSight for NetScaler 1.0 and 1.1 do not properly store database credentials in configuration files, which allows local users to obtain sensitive information.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-255

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:citrix:edgesight_for_endpoints:4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A51F3443-CC16-40A2-8A43-5E2A6DA1C68B"
          },
          {
            "criteria": "cpe:2.3:a:citrix:edgesight_for_endpoints:4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3807F821-1E3B-4E52-8E14-A6F22DA28D06"
          },
          {
            "criteria": "cpe:2.3:a:citrix:edgesight_for_netscaler:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03B79B3B-A526-496F-84F1-9855C1F1A67D"
          },
          {
            "criteria": "cpe:2.3:a:citrix:edgesight_for_netscaler:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B62588DC-6A3B-4A5D-A822-15268C209696"
          },
          {
            "criteria": "cpe:2.3:a:citrix:edgesight_for_presentation_server:4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "079DDF6A-305E-4775-B07D-24F222782160"
          },
          {
            "criteria": "cpe:2.3:a:citrix:edgesight_for_presentation_server:4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FF901DE-4F7B-49A1-A4B9-31FEDF559BFA"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References