CVE-2007-3701

Опубликовано: 11 июл. 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) character, which might allow remote attackers to send certain network traffic and avoid detection, as demonstrated by a cmd.exe attack.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tippingpoint:tipping_point:50:*:*:*:*:*:*:*

cpe:2.3:a:tippingpoint:tipping_point:200:*:*:*:*:*:*:*

cpe:2.3:a:tippingpoint:tipping_point:200e:*:*:*:*:*:*:*

cpe:2.3:a:tippingpoint:tipping_point:400:*:*:*:*:*:*:*

cpe:2.3:a:tippingpoint:tipping_point:600e:*:*:*:*:*:*:*

cpe:2.3:a:tippingpoint:tipping_point:1200:*:*:*:*:*:*:*

cpe:2.3:a:tippingpoint:tipping_point:1200e:*:*:*:*:*:*:*

cpe:2.3:a:tippingpoint:tipping_point:2400e:*:*:*:*:*:*:*

cpe:2.3:a:tippingpoint:tipping_point:5000e:*:*:*:*:*:*:*

cpe:2.3:a:tippingpoint:tipping_point:sms:*:*:*:*:*:*:*

cpe:2.3:a:tippingpoint:tipping_point:x505:*:*:*:*:*:*:*

cpe:2.3:a:tippingpoint:tipping_point:x506:*:*:*:*:*:*:*

cpe:2.3:a:tippingpoint:tipping_point:zpha:*:*:*:*:*:*:*

cpe:2.3:o:3com:tippingpoint_ips_tos:2.1:*:*:*:*:*:*:*

cpe:2.3:o:3com:tippingpoint_ips_tos:2.1.4.6324:*:*:*:*:*:*:*

cpe:2.3:o:3com:tippingpoint_ips_tos:2.2:*:*:*:*:*:*:*

cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.1:*:*:*:*:*:*:*

cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.1.6506:*:*:*:*:*:*:*

cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.2:*:*:*:*:*:*:*

cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.3:*:*:*:*:*:*:*

cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.4:*:*:*:*:*:*:*

cpe:2.3:o:3com:tippingpoint_ips_tos:2.5:*:*:*:*:*:*:*

cpe:2.3:o:3com:tippingpoint_ips_tos:2.5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.09344

Низкий

7.5 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-rmvr-wmxx-583v

github

почти 4 года назад