CVE-2008-3539 : Détail

CVE-2008-3539

A01-Broken Access Control
0.04%V3
Local
2008-09-10
13h00 +00:00
2017-08-07
10h57 +00:00
CVE.org
NVD
Notifications pour un CVE
Restez informé de toutes modifications pour un CVE spécifique.
Gestion des notifications

Descriptions du CVE

Unspecified vulnerability in HP OpenView Select Identity (HPSI) Connectors on Windows, as used in HPSI Active Directory Connector 2.30 and earlier, HPSI SunOne Connector 1.14 and earlier, HPSI eDirectory Connector 1.12 and earlier, HPSI eTrust Connector 1.02 and earlier, HPSI OID Connector 1.02 and earlier, HPSI IBM Tivoli Dir Connector 1.02 and earlier, HPSI TOPSecret Connector 2.22.001 and earlier, HPSI RACF Connector 1.12.001 and earlier, HPSI ACF2 Connector 1.02 and earlier, HPSI OpenLDAP Connector 1.02 and earlier, and HPSI BiDir DirX Connector 1.00.003 and earlier, allows local users to obtain sensitive information via unknown vectors.

Informations du CVE

Faiblesses connexes

CWE-ID Nom de la faiblesse Source
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Métriques

Métriques Score Gravité CVSS Vecteur Source
V2 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N [email protected]

EPSS

EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.

Score EPSS

Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.

Percentile EPSS

Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.
EPSS First.org

Products Mentioned

Configuraton 0

Hp>>Hpsi_acf2_connector >> Version To (including) 1.02

    Hp>>Hpsi_active_directory_connector >> Version To (including) 1.70.003

      Hp>>Hpsi_active_directory_connector >> Version To (including) 2.10.002

        Hp>>Hpsi_active_directory_connector >> Version To (including) 2.20

          Hp>>Hpsi_active_directory_connector >> Version To (including) 2.30

            Hp>>Hpsi_bidir_dirx_connector >> Version To (including) 1.00.003

              Hp>>Hpsi_edirectory_connector >> Version To (including) 1.12

                Hp>>Hpsi_etrust_connector >> Version To (including) 1.02

                  Hp>>Hpsi_oid_connector >> Version To (including) 1.02

                    Hp>>Hpsi_openldap_connector >> Version To (including) 1.02

                      Hp>>Hpsi_racf_connector >> Version To (including) 1.12.001

                        Hp>>Hpsi_sunone_connector >> Version To (including) 1.14

                          Hp>>Hpsi_topsecret_connector >> Version To (including) 2.22.001

                            Hp>>Ibm_tivoli_dir_connector >> Version To (including) 1.02

                              Microsoft>>Windows >> Version *

                              Références

                              http://secunia.com/advisories/31764
                              Tags : third-party-advisory, x_refsource_SECUNIA
                              http://securityreason.com/securityalert/4236
                              Tags : third-party-advisory, x_refsource_SREASON
                              http://securitytracker.com/id?1020821
                              Tags : vdb-entry, x_refsource_SECTRACK
                              http://www.securityfocus.com/bid/31024
                              Tags : vdb-entry, x_refsource_BID
                              http://marc.info/?l=bugtraq&m=122062779731581&w=2
                              Tags : vendor-advisory, x_refsource_HP
                              http://www.vupen.com/english/advisories/2008/2501
                              Tags : vdb-entry, x_refsource_VUPEN
                              http://marc.info/?l=bugtraq&m=122062779731581&w=2
                              Tags : vendor-advisory, x_refsource_HP