Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, allows remote attackers to execute commands as arbitrary users, and disable firewalling of the protected network.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sofaware | Safe At Office 500 Utm | embedded_ngx_7.0.39_ga |
References
- http://labs.calyptix.com/CX-2007-04.phpPatch
- http://labs.calyptix.com/CX-2007-04.txt
- http://osvdb.org/37644
- http://secunia.com/advisories/25822
- http://www.securityfocus.com/archive/1/472290/100/0/threaded
- http://www.securitytracker.com/id?1018317
- http://www.sofaware.com/supportDownloads.aspx?boneId=182
- http://www.vupen.com/english/advisories/2007/2364
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35093
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35094
- http://labs.calyptix.com/CX-2007-04.phpPatch
- http://labs.calyptix.com/CX-2007-04.txt
- http://osvdb.org/37644
- http://secunia.com/advisories/25822
- http://www.securityfocus.com/archive/1/472290/100/0/threaded
FAQ
What is CVE-2007-3462?
CVE-2007-3462 is a vulnerability with a CVSS score of 6.0 (MEDIUM). Cross-site request forgery (CSRF) vulnerability in Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, allows remote attackers to execute commands as arbitrary users, and di...
How severe is CVE-2007-3462?
CVE-2007-3462 has been rated MEDIUM with a CVSS base score of 6.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3462?
Check the references section above for vendor advisories and patch information. Affected products include: Sofaware Safe At Office 500 Utm.