| Vulnerability Name: | CVE-2006-1997 (CCN-25989) | ||||||||
| Assigned: | 2006-04-19 | ||||||||
| Published: | 2006-04-19 | ||||||||
| Updated: | 2017-07-20 | ||||||||
| Summary: | Unspecified vulnerability in Sybase Pylon Anywhere groupware synchronization server before 7.0 allows local users to obtain sensitive information such as email and PIM data of another user via unknown attack vectors. | ||||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||
| Vulnerability Type: | CWE-noinfo | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-1997 Source: CCN Type: SA19784 Pylon Anywhere Access Restriction Bypass Vulnerability Source: SECUNIA Type: Patch, Vendor Advisory 19784 Source: CCN Type: OSVDB ID: 24888 Sybase Pylon Anywhere Groupware Synchronization Server Unspecified Authentication Bypass Source: BID Type: UNKNOWN 17677 Source: CCN Type: BID-17677 Sybase Pylon Anywhere Unauthorized Access Vulnerability Source: CCN Type: Sybase, Inc. Web site Urgent from Sybase: Possible security vulnerability Pylon Anywhere Source: CONFIRM Type: Patch http://www.sybase.com/detail?id=1040213 Source: VUPEN Type: Vendor Advisory ADV-2006-1477 Source: XF Type: UNKNOWN pylon-groupware-unauth-access(25989) Source: XF Type: UNKNOWN pylon-groupware-unauth-access(25989) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||