Vulnerabilities > CVE-2007-0434 - Products Multiple vulnerability in BEA Aqualogic Enterprise Security 2.0/2.1/2.2

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

bea

NVD

Published: 2007-01-23

Updated: 2008-11-13

Summary

BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2 does not properly set the severity level of audit events when the system load is high, which might make it easier for attackers to avoid detection.

Vulnerable Configurations

Part	Description	Count
Application	Bea BEA Aqualogic Enterprise Security 2.0 BEA Aqualogic Enterprise Security 2.1 BEA Aqualogic Enterprise Security 2.2	6

References

http://dev2dev.bea.com/pub/advisory/220
http://osvdb.org/32860
http://secunia.com/advisories/23786
http://www.securityfocus.com/bid/22082