{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-01-08T00:00:00", "descriptions": [{"lang": "en", "value": "BMC Remedy Action Request System 5.01.02 Patch 1267 generates different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to determine valid account names."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "2162", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/2162"}, {"name": "20070116 Re: Remedy Action Request System 5.01.02 - User Enumeration", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/457078/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://www.alighieri.org/advisories/advisory-remedy50102.txt"}, {"name": "22066", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/22066"}, {"name": "1017515", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017515"}, {"name": "20070115 Remedy Action Request System 5.01.02 - User Enumeration", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/456949/100/0/threaded"}, {"name": "ADV-2007-0204", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0204"}, {"name": "23775", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23775"}, {"name": "31658", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/31658"}, {"name": "rars-login-information-disclosure(31527)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31527"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-0310", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "BMC Remedy Action Request System 5.01.02 Patch 1267 generates different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to determine valid account names."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "2162", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2162"}, {"name": "20070116 Re: Remedy Action Request System 5.01.02 - User Enumeration", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/457078/100/0/threaded"}, {"name": "http://www.alighieri.org/advisories/advisory-remedy50102.txt", "refsource": "MISC", "url": "http://www.alighieri.org/advisories/advisory-remedy50102.txt"}, {"name": "22066", "refsource": "BID", "url": "http://www.securityfocus.com/bid/22066"}, {"name": "1017515", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017515"}, {"name": "20070115 Remedy Action Request System 5.01.02 - User Enumeration", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/456949/100/0/threaded"}, {"name": "ADV-2007-0204", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0204"}, {"name": "23775", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23775"}, {"name": "31658", "refsource": "OSVDB", "url": "http://osvdb.org/31658"}, {"name": "rars-login-information-disclosure(31527)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31527"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:12:17.979Z"}, "title": "CVE Program Container", "references": [{"name": "2162", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/2162"}, {"name": "20070116 Re: Remedy Action Request System 5.01.02 - User Enumeration", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/457078/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.alighieri.org/advisories/advisory-remedy50102.txt"}, {"name": "22066", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/22066"}, {"name": "1017515", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017515"}, {"name": "20070115 Remedy Action Request System 5.01.02 - User Enumeration", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/456949/100/0/threaded"}, {"name": "ADV-2007-0204", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0204"}, {"name": "23775", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23775"}, {"name": "31658", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/31658"}, {"name": "rars-login-information-disclosure(31527)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31527"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-0310", "datePublished": "2007-01-18T00:00:00", "dateReserved": "2007-01-17T00:00:00", "dateUpdated": "2024-08-07T12:12:17.979Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bmc:remedy_action_request_system:5.01.02_patch_1267:*:*:*:*:*:*:*", "matchCriteriaId": "A97919E3-3F83-403C-AE2F-5F7CFDBB1985", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "BMC Remedy Action Request System 5.01.02 Patch 1267 generates different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to determine valid account names."}, {"lang": "es", "value": "BMC Remedy Action Request System 5.01.02 Patch 1267 genera diversos mensajes de error para las tentativas falladas de conexi\u00f3n con un username v\u00e1lido que para \u00e9stos con un username inv\u00e1lido, lo que permite que los atacantes remotos que determinen nombres de usuario v\u00e1lidos."}], "id": "CVE-2007-0310", "lastModified": "2018-10-16T16:32:13.433", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-01-18T00:28:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/31658"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23775"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/2162"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1017515"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.alighieri.org/advisories/advisory-remedy50102.txt"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/456949/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/457078/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/22066"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/0204"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31527"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}