CVE-2007-2513 - Vulnerability Details - OpenCVE

Novell GroupWise 7 before SP2 20070524, and GroupWise 6 before 6.5 post-SP6 20070522, allows remote attackers to obtain credentials via a man-in-the-middle attack.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Novell	Groupwise

Configuration 1 [-]

OR	cpe:2.3:a:novell:groupwise:6.5:::::::*
	cpe:2.3:a:novell:groupwise:6.5:sp1::::::
	cpe:2.3:a:novell:groupwise:6.5:sp2::::::
	cpe:2.3:a:novell:groupwise:6.5:sp3::::::
	cpe:2.3:a:novell:groupwise:6.5:sp4::::::
	cpe:2.3:a:novell:groupwise:6.5:sp5::::::
	cpe:2.3:a:novell:groupwise:6.5:sp6::::::
	cpe:2.3:a:novell:groupwise:7.0:::::::*
	cpe:2.3:a:novell:groupwise:7.0:sp1::::::

No data.

References

Link	Providers
http://osvdb.org/35942
http://secunia.com/advisories/25498
http://securitytracker.com/id?1018180
http://www.securityfocus.com/bid/24258
http://www.vupen.com/english/advisories/2007/2024
https://exchange.xforce.ibmcloud.com/vulnerabilities/34655
https://secure-support.novell.com/KanisaPlatform/Publishing/300/3382383_f.SAL_Public.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-06-04T16:00:00

Updated: 2024-08-07T13:42:33.378Z

Reserved: 2007-05-07T00:00:00

Link: CVE-2007-2513

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-06-04T16:30:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-2513

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-06-01T00:00:00", "descriptions": [{"lang": "en", "value": "Novell GroupWise 7 before SP2 20070524, and GroupWise 6 before 6.5 post-SP6 20070522, allows remote attackers to obtain credentials via a man-in-the-middle attack."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2007-2024", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2024"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/300/3382383_f.SAL_Public.html"}, {"name": "groupwise-unspecified-mitm(34655)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34655"}, {"name": "25498", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25498"}, {"name": "24258", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/24258"}, {"name": "1018180", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1018180"}, {"name": "35942", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/35942"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-2513", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Novell GroupWise 7 before SP2 20070524, and GroupWise 6 before 6.5 post-SP6 20070522, allows remote attackers to obtain credentials via a man-in-the-middle attack."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2007-2024", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2024"}, {"name": "https://secure-support.novell.com/KanisaPlatform/Publishing/300/3382383_f.SAL_Public.html", "refsource": "CONFIRM", "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/300/3382383_f.SAL_Public.html"}, {"name": "groupwise-unspecified-mitm(34655)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34655"}, {"name": "25498", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25498"}, {"name": "24258", "refsource": "BID", "url": "http://www.securityfocus.com/bid/24258"}, {"name": "1018180", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1018180"}, {"name": "35942", "refsource": "OSVDB", "url": "http://osvdb.org/35942"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T13:42:33.378Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2007-2024", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2024"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/300/3382383_f.SAL_Public.html"}, {"name": "groupwise-unspecified-mitm(34655)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34655"}, {"name": "25498", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25498"}, {"name": "24258", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/24258"}, {"name": "1018180", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1018180"}, {"name": "35942", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/35942"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-2513", "datePublished": "2007-06-04T16:00:00", "dateReserved": "2007-05-07T00:00:00", "dateUpdated": "2024-08-07T13:42:33.378Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:novell:groupwise:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "2AD18143-9962-4C0D-AD3D-66C0CF3FB5D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5:sp1:*:*:*:*:*:*", "matchCriteriaId": "08A78BE7-6426-41CD-BBAF-9BB951726D33", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5:sp2:*:*:*:*:*:*", "matchCriteriaId": "E50599E1-45E5-443F-AAEC-F91778CA4792", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5:sp3:*:*:*:*:*:*", "matchCriteriaId": "F0BB62B7-C895-4AB6-9CEB-4B312E334953", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5:sp4:*:*:*:*:*:*", "matchCriteriaId": "A91EAC4C-8EEE-4050-B1AD-E677AD90327D", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5:sp5:*:*:*:*:*:*", "matchCriteriaId": "C7F65030-60A2-4EC2-A06D-EC5249FD9FA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5:sp6:*:*:*:*:*:*", "matchCriteriaId": "8CB8A6AD-94E4-4871-9BCA-EC637161E70D", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "FE640E9A-762B-4AF4-8677-818CBF16EA4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "A9FBB457-FDC0-485F-951A-C0A7661A92B0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Novell GroupWise 7 before SP2 20070524, and GroupWise 6 before 6.5 post-SP6 20070522, allows remote attackers to obtain credentials via a man-in-the-middle attack."}, {"lang": "es", "value": "Novell GroupWise 7 anterior a SP2 20070524, y GroupWise 6 anterior a 6.5 post-SP6 20070522, permite a atacantes remotos obtener credenciales a trav\u00e9s de un ataque de \"hombre en medio\" (man-in-the-middle).\r\n"}], "id": "CVE-2007-2513", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-06-04T16:30:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/35942"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/25498"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1018180"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/24258"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/2024"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34655"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/300/3382383_f.SAL_Public.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/35942"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/25498"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1018180"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/24258"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2024"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34655"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/300/3382383_f.SAL_Public.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}