Vulnerabilities > CVE-2009-1419 - Unspecified vulnerability in HP Discovery&Dependency Mapping Inventory
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.0.0 through 2.52, 7.50, and 7.51 on Windows allows remote attackers to access DDMI agents via unknown vectors.
Vulnerable Configurations
Nessus
| NASL family | CGI abuses |
| NASL id | HP_DDMI_AGENT_ACCESS.NASL |
| description | The remote host is running an HP Discovery & Dependency Mapping Inventory (DDMI) agent to facilitate communications between a central DDMI server and workstations that are part of the deployed inventory process. The version of the agent on the remote host fails to check for a valid SSL certificate from a known DDMI server before accepting requests and processing them. An unauthenticated, remote attacker can leverage this issue to disclose sensitive information about installed software, read the contents of arbitrary files, launch arbitrary processes with SYSTEM privileges, etc. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 39617 |
| published | 2009-07-06 |
| reporter | This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/39617 |
| title | HP DDMI on Windows Unspecified Remote Agent Access |