{"api_version":"1","generated_at":"2026-04-23T06:58:45+00:00","cve":"CVE-2007-0434","urls":{"html":"https://cve.report/CVE-2007-0434","api":"https://cve.report/api/cve/CVE-2007-0434.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-0434","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-0434"},"summary":{"title":"CVE-2007-0434","description":"BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2 does not properly set the severity level of audit events when the system load is high, which might make it easier for attackers to avoid detection.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-01-23 02:28:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.6","severity":"","vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://secunia.com/advisories/23786","name":"http://secunia.com/advisories/23786","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"BEA AquaLogic Weakness and Multiple Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://dev2dev.bea.com/pub/advisory/220","name":"http://dev2dev.bea.com/pub/advisory/220","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Audit events may be posted with incorrect severity.","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/22082","name":"http://www.securityfocus.com/bid/22082","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"BEA Multiple Products Multiple Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://osvdb.org/32860","name":"http://osvdb.org/32860","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-0434","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-0434","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"bea","cpe5":"aqualogic_enterprise_security","cpe6":"2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"bea","cpe5":"aqualogic_enterprise_security","cpe6":"2.0","cpe7":"sp1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"bea","cpe5":"aqualogic_enterprise_security","cpe6":"2.0","cpe7":"sp2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"bea","cpe5":"aqualogic_enterprise_security","cpe6":"2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"bea","cpe5":"aqualogic_enterprise_security","cpe6":"2.1","cpe7":"sp1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"bea","cpe5":"aqualogic_enterprise_security","cpe6":"2.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T12:19:30.170Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"22082","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/22082"},{"name":"BEA07-153.00","tags":["vendor-advisory","x_refsource_BEA","x_transferred"],"url":"http://dev2dev.bea.com/pub/advisory/220"},{"name":"23786","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/23786"},{"name":"32860","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/32860"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-01-17T00:00:00.000Z","descriptions":[{"lang":"en","value":"BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2 does not properly set the severity level of audit events when the system load is high, which might make it easier for attackers to avoid detection."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2007-09-13T09:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"22082","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/22082"},{"name":"BEA07-153.00","tags":["vendor-advisory","x_refsource_BEA"],"url":"http://dev2dev.bea.com/pub/advisory/220"},{"name":"23786","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/23786"},{"name":"32860","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/32860"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-0434","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2 does not properly set the severity level of audit events when the system load is high, which might make it easier for attackers to avoid detection."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"22082","refsource":"BID","url":"http://www.securityfocus.com/bid/22082"},{"name":"BEA07-153.00","refsource":"BEA","url":"http://dev2dev.bea.com/pub/advisory/220"},{"name":"23786","refsource":"SECUNIA","url":"http://secunia.com/advisories/23786"},{"name":"32860","refsource":"OSVDB","url":"http://osvdb.org/32860"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-0434","datePublished":"2007-01-23T02:00:00.000Z","dateReserved":"2007-01-22T00:00:00.000Z","dateUpdated":"2024-08-07T12:19:30.170Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-01-23 02:28:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bea:aqualogic_enterprise_security:2.0:*:*:*:*:*:*:*","matchCriteriaId":"39607EDB-12F7-45CA-8077-155DF4664253"},{"vulnerable":true,"criteria":"cpe:2.3:a:bea:aqualogic_enterprise_security:2.0:sp1:*:*:*:*:*:*","matchCriteriaId":"98D2EEE3-A7A3-4DE6-9222-9BEC05154A4F"},{"vulnerable":true,"criteria":"cpe:2.3:a:bea:aqualogic_enterprise_security:2.0:sp2:*:*:*:*:*:*","matchCriteriaId":"B5BA96F7-55CF-44F9-99BC-6A96B061D028"},{"vulnerable":true,"criteria":"cpe:2.3:a:bea:aqualogic_enterprise_security:2.1:*:*:*:*:*:*:*","matchCriteriaId":"F3528A55-CEEE-474A-8D03-4CC8E18C92A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:bea:aqualogic_enterprise_security:2.1:sp1:*:*:*:*:*:*","matchCriteriaId":"362C3136-A17A-4279-8878-9419F41A2B37"},{"vulnerable":true,"criteria":"cpe:2.3:a:bea:aqualogic_enterprise_security:2.2:*:*:*:*:*:*:*","matchCriteriaId":"CD07BCE0-368F-4019-941E-B97A97FFFE53"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"434","Ordinal":"1","Title":"CVE-2007-0434","CVE":"CVE-2007-0434","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"434","Ordinal":"1","NoteData":"BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2 does not properly set the severity level of audit events when the system load is high, which might make it easier for attackers to avoid detection.","Type":"Description","Title":"CVE-2007-0434"},{"CveYear":"2007","CveId":"434","Ordinal":"2","NoteData":"2007-01-22","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"434","Ordinal":"3","NoteData":"2007-09-13","Type":"Other","Title":"Modified"}]}}}