fkie_cve-2007-1345
Vulnerability from fkie_nvd
Published
2007-03-10 19:19
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in cube.exe in the GINA component for CA (Computer Associates) eTrust Admin 8.1.0 through 8.1.2 allows attackers with physical interactive or Remote Desktop access to bypass authentication and gain privileges via the password reset interface.
References
cve@mitre.orghttp://secunia.com/advisories/24441Vendor Advisory
cve@mitre.orghttp://securityreason.com/securityalert/2404
cve@mitre.orghttp://www.osvdb.org/32722
cve@mitre.orghttp://www.securityfocus.com/archive/1/462312/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/22885
cve@mitre.orghttp://www.securitytracker.com/id?1017740
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/0885
cve@mitre.orghttp://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=35145Patch
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/32887
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24441Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/2404
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/32722
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/462312/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/22885
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1017740
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/0885
af854a3a-2127-422b-91ae-364da2661108http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=35145Patch
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/32887
Impacted products
Vendor Product Version
broadcom etrust_admin 8.1
broadcom etrust_admin 8.1.1
broadcom etrust_admin 8.1.2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "08594EFB-E04B-42E8-BE00-C3ACDB62BA4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_admin:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "137F8204-5A6D-436E-8760-3E0F91A2D2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_admin:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C362B251-6063-473E-B0AF-4D57BE1D3C7D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in cube.exe in the GINA component for CA (Computer Associates) eTrust Admin 8.1.0 through 8.1.2 allows attackers with physical interactive or Remote Desktop access to bypass authentication and gain privileges via the password reset interface."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en cube.exe del componente GIN para CA (Computer Associates) eTrust Admin 8.1.0 hasta 8.1.2 permite a atacantes con acceso f\u00edsico interactivo o Escritorio Remoto evitar la autenticaci\u00f3n y obtener privilegios a trav\u00e9s de la interfaz de restauraci\u00f3n de contrase\u00f1a."
    }
  ],
  "evaluatorComment": "This vulnerability has been addressed by the vendor with the following product patch: ftp://ftp.ca.com/pub/etrust/etradm/ETRADM81SP2/CR_Manual_Updates-8.1sp2-CR6-070301.zip",
  "id": "CVE-2007-1345",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 2.7,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-03-10T19:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24441"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/2404"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/32722"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/462312/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/22885"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1017740"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/0885"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=35145"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32887"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24441"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/2404"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/32722"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/462312/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/22885"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1017740"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/0885"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=35145"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32887"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.