Vulnerability Description
The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows remote attackers to obtain version numbers and internal hostnames by reading comments in the HTML source of any page.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bea | Aqualogic Interaction | 5.0.2 |
Related Weaknesses (CWE)
References
- http://procheckup.com/Vulnerability_PR06-08.phpExploit
- http://procheckup.com/Vulnerability_PR06-09.phpExploit
- http://secunia.com/advisories/27840PatchVendor Advisory
- http://www.securityfocus.com/archive/1/484467/100/0/threaded
- http://www.securitytracker.com/id?1019005
- http://www.vupen.com/english/advisories/2007/4040
- http://procheckup.com/Vulnerability_PR06-08.phpExploit
- http://procheckup.com/Vulnerability_PR06-09.phpExploit
- http://secunia.com/advisories/27840PatchVendor Advisory
- http://www.securityfocus.com/archive/1/484467/100/0/threaded
- http://www.securitytracker.com/id?1019005
- http://www.vupen.com/english/advisories/2007/4040
FAQ
What is CVE-2007-6197?
CVE-2007-6197 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows remote attackers to obtain version numbers and internal hostnames by reading comments in the HTML source of...
How severe is CVE-2007-6197?
CVE-2007-6197 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-6197?
Check the references section above for vendor advisories and patch information. Affected products include: Bea Aqualogic Interaction.