VYPR
Unrated severityNVD Advisory· Published Dec 1, 2007· Updated Jun 16, 2026

CVE-2007-6198

CVE-2007-6198

Description

portal/server.pt in the Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows wildcards in advanced searches for usernames, which allows remote attackers to enumerate valid usernames via the in_tx_fulltext parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:bea:aqualogic_interaction:5.0.2:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:bea:aqualogic_interaction:5.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:bea:aqualogic_interaction:5.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:bea:aqualogic_interaction:5.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:bea:aqualogic_interaction:6.0.1.218452:*:*:*:*:*:*:*
    • (no CPE)range: 5.0.2 - 5.0.4, 6.0.1.218452

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.