CVE-2007-4427

medium

Description

Unspecified vulnerability in the login page redirection logic in the Cache' Server Page (CSP) implementation in InterSystems Cache' 2007.1.0.369.0 and 2007.1.1.420.0 allows remote authenticated users to modify data on a server, related to encoding of certain parameter values by this redirection logic, aka MAK2116.

References

http://www.intersystems.com/support/cflash/2007announce.html

http://secunia.com/advisories/26541

http://osvdb.org/40178

http://groups.google.com/group/intersystems-public-cache/browse_thread/thread/57d7c80dde26fda3/7845e246da5b095b

Details

Source: Mitre, NVD

Published: 2007-08-20

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 6.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00218