cve-2007-3095
Vulnerability from cvelistv5
Published
2007-06-06 22:00
Modified
2024-08-07 14:05
Severity ?
Summary
Unspecified vulnerability in Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, allows attackers to "disable the authentication system" and bypass authentication via unknown vectors.
References
cve@mitre.orghttp://osvdb.org/36107
cve@mitre.orghttp://secunia.com/advisories/25543
cve@mitre.orghttp://www.securityfocus.com/bid/24325
cve@mitre.orghttp://www.securitytracker.com/id?1018196
cve@mitre.orghttp://www.symantec.com/avcenter/security/Content/2007.06.05.html
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/2074
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/34895
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/36107
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25543
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/24325
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1018196
af854a3a-2127-422b-91ae-364da2661108http://www.symantec.com/avcenter/security/Content/2007.06.05.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2074
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/34895
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:05:29.238Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "36107",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/36107"
          },
          {
            "name": "24325",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24325"
          },
          {
            "name": "symantec-unspecified-authentication-bypass(34895)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34895"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/avcenter/security/Content/2007.06.05.html"
          },
          {
            "name": "1018196",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018196"
          },
          {
            "name": "ADV-2007-2074",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2074"
          },
          {
            "name": "25543",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25543"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-06-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, allows attackers to \"disable the authentication system\" and bypass authentication via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "36107",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/36107"
        },
        {
          "name": "24325",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24325"
        },
        {
          "name": "symantec-unspecified-authentication-bypass(34895)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34895"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/avcenter/security/Content/2007.06.05.html"
        },
        {
          "name": "1018196",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018196"
        },
        {
          "name": "ADV-2007-2074",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2074"
        },
        {
          "name": "25543",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25543"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3095",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, allows attackers to \"disable the authentication system\" and bypass authentication via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "36107",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/36107"
            },
            {
              "name": "24325",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24325"
            },
            {
              "name": "symantec-unspecified-authentication-bypass(34895)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34895"
            },
            {
              "name": "http://www.symantec.com/avcenter/security/Content/2007.06.05.html",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/avcenter/security/Content/2007.06.05.html"
            },
            {
              "name": "1018196",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018196"
            },
            {
              "name": "ADV-2007-2074",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2074"
            },
            {
              "name": "25543",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25543"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3095",
    "datePublished": "2007-06-06T22:00:00",
    "dateReserved": "2007-06-06T00:00:00",
    "dateUpdated": "2024-08-07T14:05:29.238Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D24019B-20F0-4B4D-86A5-9409698E6216\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6090F86-0B42-403F-9996-9B7670EBAA5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3706E76-FC65-467E-8D09-A9EAC32E9BBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF555313-BB5A-4D8A-A3A1-609ABC39F6FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC74372F-329A-4597-810B-88B865771C9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*\", \"matchCriteriaId\": \"4D3CBEF5-25C6-41E8-97A3-2AA43134E619\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*\", \"matchCriteriaId\": \"81AE594C-41ED-4FE8-839D-B604AE8DC901\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:10.1.396:*:corporate:*:*:*:*:*\", \"matchCriteriaId\": \"4AB33BC0-813C-4944-9835-A1F62614CC97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:10.1.400:*:corporate:*:*:*:*:*\", \"matchCriteriaId\": \"423C4F6C-4D87-4604-9122-02E2F06FAFB7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:10.1.401:*:corporate:*:*:*:*:*\", \"matchCriteriaId\": \"60BBE26A-E648-440F-9F08-AA7DD62D6C11\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:reporting_server:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0.197.0\", \"matchCriteriaId\": \"953B6B3E-C3B9-40E6-95E6-911FFEA9A184\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, allows attackers to \\\"disable the authentication system\\\" and bypass authentication via unknown vectors.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad no especificada en Symantec Reporting Server 1.0.197.0, y otras versiones anteriores a 1.0.224.0, como el usado en Symantec Client Security 3.1 y posteriores, y Symantec AntiVirus Corporate Edition (SAV CE) 10.1 y posteriores, permite a atacantes remotos \\\"deshabilitar el sistema de autenticaci\\u00f3n\\\" y evitar la autenticaci\\u00f3n mediante vectores no especificados.\"}]",
      "id": "CVE-2007-3095",
      "lastModified": "2024-11-21T00:32:23.850",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:C/I:C/A:C\", \"baseScore\": 9.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2007-06-06T22:30:00.000",
      "references": "[{\"url\": \"http://osvdb.org/36107\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/25543\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/24325\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1018196\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.symantec.com/avcenter/security/Content/2007.06.05.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/2074\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/34895\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://osvdb.org/36107\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/25543\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/24325\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1018196\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.symantec.com/avcenter/security/Content/2007.06.05.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/2074\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/34895\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-3095\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-06-06T22:30:00.000\",\"lastModified\":\"2024-11-21T00:32:23.850\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, allows attackers to \\\"disable the authentication system\\\" and bypass authentication via unknown vectors.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en Symantec Reporting Server 1.0.197.0, y otras versiones anteriores a 1.0.224.0, como el usado en Symantec Client Security 3.1 y posteriores, y Symantec AntiVirus Corporate Edition (SAV CE) 10.1 y posteriores, permite a atacantes remotos \\\"deshabilitar el sistema de autenticaci\u00f3n\\\" y evitar la autenticaci\u00f3n mediante vectores no especificados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D24019B-20F0-4B4D-86A5-9409698E6216\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6090F86-0B42-403F-9996-9B7670EBAA5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3706E76-FC65-467E-8D09-A9EAC32E9BBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF555313-BB5A-4D8A-A3A1-609ABC39F6FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC74372F-329A-4597-810B-88B865771C9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"4D3CBEF5-25C6-41E8-97A3-2AA43134E619\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"81AE594C-41ED-4FE8-839D-B604AE8DC901\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.1.396:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"4AB33BC0-813C-4944-9835-A1F62614CC97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.1.400:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"423C4F6C-4D87-4604-9122-02E2F06FAFB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.1.401:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"60BBE26A-E648-440F-9F08-AA7DD62D6C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:reporting_server:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.197.0\",\"matchCriteriaId\":\"953B6B3E-C3B9-40E6-95E6-911FFEA9A184\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/36107\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/25543\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/24325\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1018196\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.symantec.com/avcenter/security/Content/2007.06.05.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2074\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/34895\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/36107\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/25543\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/24325\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1018196\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.symantec.com/avcenter/security/Content/2007.06.05.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2074\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/34895\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.