Vulnerabilities > CVE-2009-2681 - Privilege Escalation vulnerability in HP ProCurve Identity Driven Manager (IDM)

047910
CVSS 6.8 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
hp
microsoft
NVD
Published: 2009-09-29
Updated: 2019-10-09

Summary

Unspecified vulnerability in HP ProCurve Identity Driven Manager (IDM) A.02.x through A.02.03 and A.03.x through A.03.00, on Windows Server 2003 with IAS and Windows Server 2008 with NPS, allows local users to gain privileges via unknown vectors.

Vulnerable Configurations

Part Description Count
Application
Hp
1
OS
Microsoft
2

Seebug

bulletinFamilyexploit
descriptionBugraq ID: 36462 CVE ID:CVE-2009-2681 HP ProCurve Identity Driven Manager是一款允许网管员动态分配用户及设备的网络链接及访问,以适应不同业务策略。 在运行IAS的Microsoft Windows 2003和Windows 2008系统平台运行HP ProCurve Identity Driven Manager存在未明错误。 本地攻击者可以利用此漏洞提升特权。 HP ProCurve Identity Driven Manager (IDM) A.03.00 HP ProCurve Identity Driven Manager (IDM) A.02.03 用户可联系供应商升级IDM A.02.03 Autoupdate 1或IDM A.03.00 Autoupdate 1. http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01798159
idSSV:12392
last seen2017-11-19
modified2009-09-25
published2009-09-25
reporterRoot
titleHP ProCurve Identity Driven Manager (IDM)未明特权提升漏洞

References