Unrated severityNVD Advisory· Published Dec 1, 2007· Updated Jun 16, 2026
CVE-2007-6198
CVE-2007-6198
Description
portal/server.pt in the Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows wildcards in advanced searches for usernames, which allows remote attackers to enumerate valid usernames via the in_tx_fulltext parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:bea:aqualogic_interaction:5.0.2:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:bea:aqualogic_interaction:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:bea:aqualogic_interaction:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:bea:aqualogic_interaction:5.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:bea:aqualogic_interaction:6.0.1.218452:*:*:*:*:*:*:*
- (no CPE)range: 5.0.2 - 5.0.4, 6.0.1.218452
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.