Vulnerabilities > CVE-2007-4590 - Local Security vulnerability in HP Dynrootdisk, Hp-Ux and Ignite-Ux

047910
CVSS 3.3 - LOW
Attack vector
LOCAL
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
hp

Summary

The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.

Oval

accepted2015-04-20T04:02:25.978-04:00
classvulnerability
contributors
  • nameMichael Wood
    organizationHewlett-Packard
  • nameMichael Wood
    organizationHewlett-Packard
  • nameSushant Kumar Singh
    organizationHewlett-Packard
  • nameSushant Kumar Singh
    organizationHewlett-Packard
  • namePrashant Kumar
    organizationHewlett-Packard
  • nameMike Cokus
    organizationThe MITRE Corporation
descriptionThe get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.
familyunix
idoval:org.mitre.oval:def:5515
statusaccepted
submitted2008-07-03T16:09:04.000-04:00
titleHP-UX Running the Ignite-UX or the DynRootDisk (DRD) get_system_info Command, Local Unqualified Configuration Change
version46