{"api_version":"1","generated_at":"2026-04-22T23:08:42+00:00","cve":"CVE-2006-0993","urls":{"html":"https://cve.report/CVE-2006-0993","api":"https://cve.report/api/cve/CVE-2006-0993.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2006-0993","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2006-0993"},"summary":{"title":"CVE-2006-0993","description":"The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings.","state":"PUBLISHED","assigner":"mitre","published_at":"2006-05-10 02:22:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26338","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26338","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/433432/100/0/threaded","name":"http://www.securityfocus.com/archive/1/433432/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2006/1752","name":"http://www.vupen.com/english/advisories/2006/1752","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/17935","name":"http://www.securityfocus.com/bid/17935","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"3Com TippingPoint SMS Information Disclosure Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://securityreason.com/securityalert/870","name":"http://securityreason.com/securityalert/870","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityReason","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/20058","name":"http://secunia.com/advisories/20058","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"3Com TippingPoint SMS Server Information Disclosure - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.osvdb.org/25360","name":"http://www.osvdb.org/25360","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.3com.com/securityalert/alerts/3COM-06-002.html","name":"http://www.3com.com/securityalert/alerts/3COM-06-002.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"3Com Security Alert: 3COM-06-002","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.zerodayinitiative.com/advisories/ZDI-06-013.html","name":"http://www.zerodayinitiative.com/advisories/ZDI-06-013.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"ZDI-06-013 | Zero Day Initiative","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1016051","name":"http://securitytracker.com/id?1016051","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"TippingPoint SMS Server May Disclose Potentially Sensitive Information to Remote Users - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2006-0993","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-0993","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2006","cve_id":"993","vulnerable":"1","versionEndIncluding":"2.2.1.4477","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"3com","cpe5":"tippingpoint_sms_server","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2006","cve_id":"993","cve":"CVE-2006-0993","epss":"0.010600000","percentile":"0.776670000","score_date":"2026-04-20","updated_at":"2026-04-21 00:07:48"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T16:56:15.441Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"20060509 ZDI-06-013: 3Com TippingPoint SMS Server Information Disclosure Vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/433432/100/0/threaded"},{"name":"17935","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/17935"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.zerodayinitiative.com/advisories/ZDI-06-013.html"},{"name":"20058","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/20058"},{"name":"tippingpoint-sms-information-disclosure(26338)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26338"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.3com.com/securityalert/alerts/3COM-06-002.html"},{"name":"1016051","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1016051"},{"name":"870","tags":["third-party-advisory","x_refsource_SREASON","x_transferred"],"url":"http://securityreason.com/securityalert/870"},{"name":"25360","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/25360"},{"name":"ADV-2006-1752","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/1752"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2006-05-09T00:00:00.000Z","descriptions":[{"lang":"en","value":"The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-18T14:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"20060509 ZDI-06-013: 3Com TippingPoint SMS Server Information Disclosure Vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/433432/100/0/threaded"},{"name":"17935","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/17935"},{"tags":["x_refsource_MISC"],"url":"http://www.zerodayinitiative.com/advisories/ZDI-06-013.html"},{"name":"20058","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/20058"},{"name":"tippingpoint-sms-information-disclosure(26338)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26338"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.3com.com/securityalert/alerts/3COM-06-002.html"},{"name":"1016051","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1016051"},{"name":"870","tags":["third-party-advisory","x_refsource_SREASON"],"url":"http://securityreason.com/securityalert/870"},{"name":"25360","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/25360"},{"name":"ADV-2006-1752","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/1752"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2006-0993","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"20060509 ZDI-06-013: 3Com TippingPoint SMS Server Information Disclosure Vulnerability","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/433432/100/0/threaded"},{"name":"17935","refsource":"BID","url":"http://www.securityfocus.com/bid/17935"},{"name":"http://www.zerodayinitiative.com/advisories/ZDI-06-013.html","refsource":"MISC","url":"http://www.zerodayinitiative.com/advisories/ZDI-06-013.html"},{"name":"20058","refsource":"SECUNIA","url":"http://secunia.com/advisories/20058"},{"name":"tippingpoint-sms-information-disclosure(26338)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26338"},{"name":"http://www.3com.com/securityalert/alerts/3COM-06-002.html","refsource":"CONFIRM","url":"http://www.3com.com/securityalert/alerts/3COM-06-002.html"},{"name":"1016051","refsource":"SECTRACK","url":"http://securitytracker.com/id?1016051"},{"name":"870","refsource":"SREASON","url":"http://securityreason.com/securityalert/870"},{"name":"25360","refsource":"OSVDB","url":"http://www.osvdb.org/25360"},{"name":"ADV-2006-1752","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/1752"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2006-0993","datePublished":"2006-05-10T01:00:00.000Z","dateReserved":"2006-03-03T00:00:00.000Z","dateUpdated":"2024-08-07T16:56:15.441Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2006-05-10 02:22:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:h:3com:tippingpoint_sms_server:*:*:*:*:*:*:*:*","versionEndIncluding":"2.2.1.4477","matchCriteriaId":"8386EA42-F932-4562-A9AD-327BE51E2516"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2006","CveId":"993","Ordinal":"1","Title":"CVE-2006-0993","CVE":"CVE-2006-0993","Year":"2006"},"notes":[{"CveYear":"2006","CveId":"993","Ordinal":"1","NoteData":"The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings.","Type":"Description","Title":"CVE-2006-0993"},{"CveYear":"2006","CveId":"993","Ordinal":"2","NoteData":"2006-05-09","Type":"Other","Title":"Published"},{"CveYear":"2006","CveId":"993","Ordinal":"3","NoteData":"2018-10-18","Type":"Other","Title":"Modified"}]}}}