CVE-2007-0310

{"id": "CVE-2007-0310", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-01-18T00:28:00.000", "references": [{"url": "http://osvdb.org/31658", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/23775", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/2162", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1017515", "source": "cve@mitre.org"}, {"url": "http://www.alighieri.org/advisories/advisory-remedy50102.txt", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/456949/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/457078/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/22066", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/0204", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31527", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "BMC Remedy Action Request System 5.01.02 Patch 1267 generates different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to determine valid account names."}, {"lang": "es", "value": "BMC Remedy Action Request System 5.01.02 Patch 1267 genera diversos mensajes de error para las tentativas falladas de conexi\u00f3n con un username v\u00e1lido que para \u00e9stos con un username inv\u00e1lido, lo que permite que los atacantes remotos que determinen nombres de usuario v\u00e1lidos."}], "lastModified": "2018-10-16T16:32:13.433", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bmc:remedy_action_request_system:5.01.02_patch_1267:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A97919E3-3F83-403C-AE2F-5F7CFDBB1985"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}