Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2007-5612

Summary
Assigner-certcc
Assigner Org ID-37e5125f-f79b-445b-8fad-9564f167944b
Published At-21 Nov, 2007 | 22:00
Updated At-07 Aug, 2024 | 15:39
Rejected At-
Credits

CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:certcc
Assigner Org ID:37e5125f-f79b-445b-8fad-9564f167944b
Published At:21 Nov, 2007 | 22:00
Updated At:07 Aug, 2024 | 15:39
Rejected At:
▼CVE Numbering Authority (CNA)

CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.kb.cert.org/vuls/id/MIMG-78YMXE
x_refsource_CONFIRM
http://www.securityfocus.com/bid/26509
vdb-entry
x_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/38583
vdb-entry
x_refsource_XF
http://www.kb.cert.org/vuls/id/512193
third-party-advisory
x_refsource_CERT-VN
http://secunia.com/advisories/27752
third-party-advisory
x_refsource_SECUNIA
http://securitytracker.com/id?1018985
vdb-entry
x_refsource_SECTRACK
http://www.vupen.com/english/advisories/2007/3942
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.kb.cert.org/vuls/id/MIMG-78YMXE
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/26509
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/38583
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.kb.cert.org/vuls/id/512193
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://secunia.com/advisories/27752
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://securitytracker.com/id?1018985
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.vupen.com/english/advisories/2007/3942
Resource:
vdb-entry
x_refsource_VUPEN
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.kb.cert.org/vuls/id/MIMG-78YMXE
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/26509
vdb-entry
x_refsource_BID
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/38583
vdb-entry
x_refsource_XF
x_transferred
http://www.kb.cert.org/vuls/id/512193
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://secunia.com/advisories/27752
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://securitytracker.com/id?1018985
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.vupen.com/english/advisories/2007/3942
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/MIMG-78YMXE
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/26509
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/38583
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/512193
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://secunia.com/advisories/27752
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://securitytracker.com/id?1018985
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/3942
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cret@cert.org
Published At:21 Nov, 2007 | 22:46
Updated At:29 Jul, 2017 | 01:33

CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
IBM Corporation
ibm
>>director>>*
cpe:2.3:a:ibm:director:*:*:*:*:*:*:*:*
IBM Corporation
ibm
>>director>>Versions up to 5.20.1(inclusive)
cpe:2.3:a:ibm:director:*:*:*:*:*:*:*:*
IBM Corporation
ibm
>>director>>3.1
cpe:2.3:a:ibm:director:3.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>director>>5.10
cpe:2.3:a:ibm:director:5.10:*:*:*:*:*:*:*
IBM Corporation
ibm
>>director>>5.10.3
cpe:2.3:a:ibm:director:5.10.3:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-399Primarynvd@nist.gov
CWE ID: CWE-399
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://secunia.com/advisories/27752cret@cert.org
Patch
Vendor Advisory
http://securitytracker.com/id?1018985cret@cert.org
N/A
http://www.kb.cert.org/vuls/id/512193cret@cert.org
US Government Resource
http://www.kb.cert.org/vuls/id/MIMG-78YMXEcret@cert.org
N/A
http://www.securityfocus.com/bid/26509cret@cert.org
Patch
http://www.vupen.com/english/advisories/2007/3942cret@cert.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/38583cret@cert.org
N/A
Hyperlink: http://secunia.com/advisories/27752
Source: cret@cert.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://securitytracker.com/id?1018985
Source: cret@cert.org
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/512193
Source: cret@cert.org
Resource:
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/MIMG-78YMXE
Source: cret@cert.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/26509
Source: cret@cert.org
Resource:
Patch
Hyperlink: http://www.vupen.com/english/advisories/2007/3942
Source: cret@cert.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/38583
Source: cret@cert.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

204Records found
CVE-2021-1288
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.60% / 68.38%
||
7 Day CHG~0.00%
Published-04 Feb, 2021 | 16:35
Updated-08 Nov, 2024 | 23:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Enf Broker Denial of Service Vulnerability

Multiple vulnerabilities in the ingress packet processing function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Software
CWE ID-CWE-399
Not Available
CVE-2020-3303
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.46% / 63.11%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:42
Updated-15 Nov, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5550adaptive_security_applianceasa_5505adaptive_security_appliance_softwareasa_5555-xasa_5520asa_5510asa_5525-xasa_5580asa_5585-xasa_5512-xfirepower_threat_defenseasa_5515-xCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-399
Not Available
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3351
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.56% / 67.44%
||
7 Day CHG~0.00%
Published-16 Jul, 2020 | 17:21
Updated-15 Nov, 2024 | 16:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Solution Software Denial of Service Vulnerability

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit this vulnerability by sending crafted UDP messages to the targeted system. A successful exploit could allow the attacker to cause services on the device to fail, resulting in a DoS condition that could impact the targeted device and other devices that depend on it.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_2000vedge_cloud_routervedge_100mvedge_5000vsmart_controllervedge_100sd-wan_firmwarevedge_1000vedge_100wmvedge_100bCisco SD-WAN Solution
CWE ID-CWE-399
Not Available
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2016-9225
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.38% / 79.51%
||
7 Day CHG~0.00%
Published-01 Feb, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of IP fragments. An attacker could exploit this vulnerability by sending crafted fragmented IP traffic across the CX module. An exploit could allow the attacker to exhaust free packet buffers in shared memory (SHM), causing the CX module to be unable to process further traffic, resulting in a DoS condition. This vulnerability affects all versions of the ASA CX Context-Aware Security module. Cisco has not released and will not release software updates that address this vulnerability. There are no workarounds that address this vulnerability. Cisco Bug IDs: CSCva62946.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asa_cx_context-aware_security_softwareall versions of the ASA CX Context-Aware Security module
CWE ID-CWE-399
Not Available
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found