6.8 Medium
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%
HP Network Node Manager (NNM) Remote Console 7.50, 7.51, and 7.53 assigns Everyone Full Control permission for the %PROGRAMFILES%\HP OpenView directory tree, which allows local users to gain privileges via a Trojan horse executable file or ActiveX component, or a modified bin\ovtrcsvc.exe for the HP Open View Shared Trace Service.
CPE | Name | Operator | Version |
---|---|---|---|
hp:network_node_manager | hp network node manager | eq | 7.5 |
archives.neohapsis.com/archives/fulldisclosure/2007-02/0174.html
marc.info/?l=bugtraq&m=125063027228539&w=2
osvdb.org/33130
secunia.com/advisories/24066
securitytracker.com/id?1017609
securityvulns.com/news/HP/NNM/RC/WP.html
www.securityfocus.com/bid/22475
www.vupen.com/english/advisories/2007/0533
exchange.xforce.ibmcloud.com/vulnerabilities/32362