CVE-2007-4152

high

Description

The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote attackers to conduct replay attacks by capturing and resending data from the DETAILS and PROCESS sections of a session that schedules an audit.

References

http://www.securityfocus.com/bid/25153

http://www.portcullis.co.uk/uplds/advisories/vareplay%2006_044.txt

http://osvdb.org/46980

Details

Source: Mitre, NVD

Published: 2007-08-03

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N