CVE-2007-4427

Name of the Vulnerable Software and Affected Versions InterSystems Cache versions 2007.1.0.369.0 through 2007.1.1.420.0

Description The issue is related to an unspecified vulnerability in the login page redirection logic in the Cache Server Page (CSP) implementation. This vulnerability allows remote authenticated users to modify data on a server due to the encoding of certain parameter values by this redirection logic.

Recommendations For versions 2007.1.0.369.0 through 2007.1.1.420.0, consider restricting access to the login page redirection logic until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.