Lucene search

[email protected]CVE-2007-0819

HistoryFeb 08, 2007 - 6:28 p.m.

CVE-2007-0819

2007-02-0818:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

hp network node manager

nnm

cve-2007-0819

security vulnerability

privilege escalation

activex

trojan horse

hp openview

6.8 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

HP Network Node Manager (NNM) Remote Console 7.50, 7.51, and 7.53 assigns Everyone Full Control permission for the %PROGRAMFILES%\HP OpenView directory tree, which allows local users to gain privileges via a Trojan horse executable file or ActiveX component, or a modified bin\ovtrcsvc.exe for the HP Open View Shared Trace Service.

CPENameOperatorVersion
hp:network_node_managerhp network node managereq7.5

CPE	Name	Operator	Version
hp:network_node_manager	hp network node manager	eq	7.5

References

archives.neohapsis.com/archives/fulldisclosure/2007-02/0174.html

marc.info/?l=bugtraq&m=125063027228539&w=2

osvdb.org/33130

secunia.com/advisories/24066

securitytracker.com/id?1017609

securityvulns.com/news/HP/NNM/RC/WP.html

www.securityfocus.com/bid/22475

www.vupen.com/english/advisories/2007/0533

exchange.xforce.ibmcloud.com/vulnerabilities/32362

6.8 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2007-0819

securityvulns2 prion1