HP StorageWorks Command View Unspecified Local Unauthorized Access Vulnerability
BID:23630
Info
HP StorageWorks Command View Unspecified Local Unauthorized Access Vulnerability
| Bugtraq ID: | 23630 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 24 2007 12:00AM |
| Updated: | Apr 24 2007 09:30PM |
| Credit: | The vendor disclosed this issue. |
| Vulnerable: |
HP StorageWorks XP Replication Monitor 5.5 -02 HP StorageWorks XP Replication Monitor 5.0 -00 HP StorageWorks XP Replication Monitor 1.1 -00 HP StorageWorks Command View Advanced Edition for XP 5.5 -02 HP StorageWorks Command View Advanced Edition for XP 5.5 HP StorageWorks Command View Advanced Edition for XP 5.1 -05 HP StorageWorks Command View Advanced Edition for XP 5.0 -00 HP HP StorageWorks XP Tiered Storage Manager 5.5 -01 HP HP StorageWorks XP Tiered Storage Manager 5.0 -00 HP HP StorageWorks XP Tiered Storage Manager 1.1 -00 |
| Not Vulnerable: |
HP StorageWorks XP Tiered Storage Manager 5.5 -02 HP StorageWorks XP Replication Monitor 5.6 -01 HP StorageWorks Command View Advanced Edition for XP 5.6 -01 |
Discussion
HP StorageWorks Command View Unspecified Local Unauthorized Access Vulnerability
HP StorageWorks Command View Advanced Edition for XP is prone to a local unauthorized-access vulnerability.
An attacker can exploit this issue to gain unauthorized access to users' accounts on an affected application.
This issue affects the vulnerable products when any of the following packages are installed:
HP StorageWorks Command View Device Manager
HP StorageWorks Command View Global Link Availability Manager
HP StorageWorks Command View Replication Monitor
HP StorageWorks Command View Tiered Storage Manager
HP StorageWorks Command View Tuning Manager
HP StorageWorks Command View Advanced Edition for XP is prone to a local unauthorized-access vulnerability.
An attacker can exploit this issue to gain unauthorized access to users' accounts on an affected application.
This issue affects the vulnerable products when any of the following packages are installed:
HP StorageWorks Command View Device Manager
HP StorageWorks Command View Global Link Availability Manager
HP StorageWorks Command View Replication Monitor
HP StorageWorks Command View Tiered Storage Manager
HP StorageWorks Command View Tuning Manager
Exploit / POC
HP StorageWorks Command View Unspecified Local Unauthorized Access Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
HP StorageWorks Command View Unspecified Local Unauthorized Access Vulnerability
Solution:
The vendor has released fixes for this issue. Please see the referenced advisory for more information.
Solution:
The vendor has released fixes for this issue. Please see the referenced advisory for more information.
References
HP StorageWorks Command View Unspecified Local Unauthorized Access Vulnerability
References:
References: