HP Storage Essentials Secure NaviCLI Bug Grants Access to Remote Users
|
|
SecurityTracker Alert ID: 1022084 |
|
SecurityTracker URL: http://securitytracker.com/id/1022084
|
|
CVE Reference:
CVE-2009-0715
(Links to External Site)
|
Date: Apr 20 2009
|
Impact:
User access via network
|
Vendor Confirmed: Yes
|
Version(s): 6.0.2, 6.0.3, 6.0.4 running Secure NaviCLI
|
Description:
A vulnerability was reported in HP Storage Essentials. A remote user can gain access to the target system.
On systems Secure NaviCLI, a remote user can access the target system and gain privileges on the target system.
|
Impact:
A remote user can gain access to the target system.
|
Solution:
No solution was available at the time of this entry. The vendor has described a workaround in their advisory.
The vendor's advisory is available at:
https://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01633084
|
Vendor URL: www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01633084 (Links to External Site)
|
Cause:
Not specified
|
Underlying OS:
Linux (Red Hat Enterprise), Linux (SuSE), OpenVMS, UNIX (AIX), UNIX (HP/UX), UNIX (SGI/IRIX), UNIX (Solaris - SunOS), UNIX (Tru64), Windows (2003)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Mon, 20 Apr 2009 17:29:14 -0400
Subject: HPSBMA02414 SSRT080185 rev.1 - HP Storage Essentials Running Secure NaviCLI, Remote Unauthorized Access, Gain Extended Privileges
|
https://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01633084
CVE-2009-0715
|
|
