Vulnerability Details CVE-2007-6098
Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log truncated (1) ICMP, (2) UDP, and (3) TCP packets, which has unknown impact and remote attack vectors; and do not log (4) serial-console login attempts with nonexistent usernames, which might make it easier for attackers with physical access to guess valid login credentials while avoiding detection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.4%
CVSS Severity
CVSS v2 Score 7.5
References
Products affected by CVE-2007-6098
-
cpe:2.3:h:ingate:ingate_firewall:*
-
cpe:2.3:h:ingate:ingate_siparator:*