CVE-2007-6098

Name of the Vulnerable Software and Affected Versions Ingate Firewall versions prior to 4.6.0 SIParator versions prior to 4.6.0

Description The issue concerns the logging mechanism, which fails to log certain events. Specifically, it does not log truncated ICMP, UDP, and TCP packets, and it also does not log serial-console login attempts with nonexistent usernames. This lack of logging might make it easier for attackers with physical access to guess valid login credentials while avoiding detection.

Recommendations For Ingate Firewall versions prior to 4.6.0, update to version 4.6.0 or later to address the logging issue. For SIParator versions prior to 4.6.0, update to version 4.6.0 or later to address the logging issue.