cbcvebase.
CVE-2007-6509
published 2007-12-21

CVE-2007-6509: Unspecified vulnerability in Appian Enterprise Business Process Management (BPM) Suite 5.6 SP1 allows remote attackers to cause a denial of service via a…

PriorityP349high7.8CVSS 2.0
AVNACLAuNCNINAC
EXPLOIT
EPSS
55.17%
98.9th percentile
Unspecified vulnerability in Appian Enterprise Business Process Management (BPM) Suite 5.6 SP1 allows remote attackers to cause a denial of service via a crafted packet to port 5400/tcp.

Affected

1 ranges
VendorProductVersion rangeFixed in
appianbusiness_process_management_suite

Detection & IOCsextracted from sources · hover to see the quote

port5400/tcp
urlhttps://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/windows/appian/appian_bpm.rb
bytes
\x02\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x73\x61\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x31\x35\x39\x36
  • Monitor for TCP connections to port 5400 delivering crafted packets matching the known DoS payload byte pattern (starting with \x02\x00\x02\x00) against Appian BPM Suite hosts.
  • A public Metasploit auxiliary module (auxiliary/dos/windows/appian/appian_bpm) exists for this vulnerability; alert on its use or scan for its characteristic payload structure.
  • ·The vulnerability is described as 'unspecified', so the exact triggering condition beyond the crafted packet is not publicly documented; the payload from the PoC may not represent all possible exploit variants.
  • ·Other versions beyond 5.6 SP1 may also be vulnerable, so detection rules should not be scoped exclusively to that version.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.