CVE-2007-2230: CVE-2007-2230

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-2230

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

SQL injection vulnerability in CA Clever Path Portal allows remote authenticated users to execute limited SQL commands and retrieve arbitrary database contents via (1) the ofinterest parameter in a light search query, (2) description parameter in the advanced search query, and possibly other vectors.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

CA CleverPath Portal远程SQL注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

CleverPath Portal是一个安全、可扩展的企业信息门户，提供一个协作环境以及信息、应用和Web内容的整合视图。 CleverPath Portal在处理用户请求时存在输入验证漏洞，远程攻击者可能利用此漏洞非授权访问数据库。CleverPath Portal没有正确验证轻型搜索中的ofinterest参数及高级搜索中的description参数，如果攻击者修改了搜索URL中的上述参数的话，就可能导致发送非预期的数据库查询，检索整个数据库内容，具体取决于用户权限。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-2230

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-2230

Please Login to view more intelligence information

http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=136879x_refsource_CONFIRM
ftp://ftp.ca.com/pub/portal/4.71/4.71.001_188_070329/readme_4.71.001_188_070329.txtx_refsource_CONFIRM
http://www.hacktics.com/AdvCleverPathApr07.htmlx_refsource_MISC
http://supportconnectw.ca.com/public/cp/portal/infodocs/portal-secnot.aspx_refsource_CONFIRM
http://www.osvdb.org/34128vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/25002third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/23671vdb-entryx_refsource_BID
http://www.securitytracker.com/id?1017970vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2007/1544vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/33853vdb-entryx_refsource_XF
http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0648.htmlmailing-listx_refsource_FULLDISC
http://www.securityfocus.com/archive/1/466760/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2007-2230

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2007-2230

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2007-2230

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2007-2230

III. Intelligence Information for CVE-2007-2230

IV. Related Vulnerabilities

V. Comments for CVE-2007-2230

Leave a comment