Lucene search

[email protected]CVE-2014-2629

HistoryAug 12, 2014 - 2:55 p.m.

CVE-2014-2629

2014-08-1214:55:03

CWE-264

[email protected]

web.nvd.nist.gov

cve-2014-2629

hp nonstop

safeguard security software

acl

remote access

6.4 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

48.2%

JSON

HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, and J06.03 through J06.17.01 does not properly evaluate the DISKFILE-PATTERN ACL of a program object file, which allows remote authenticated users to bypass intended restrictions on program access via vectors related to process-creation time.

Affected configurations

NVD

Node

hpnonstop_safeguard_securityRange≤g06.29

hpnonstop_safeguard_securityRange≤h06.28.01

hpnonstop_safeguard_securityRange≤j06.17.01

CPENameOperatorVersion
hp:nonstop_safeguard_securityhp nonstop safeguard securityleg06.29
hp:nonstop_safeguard_securityhp nonstop safeguard securityleh06.28.01
hp:nonstop_safeguard_securityhp nonstop safeguard securitylej06.17.01

CPE	Name	Operator	Version
hp:nonstop_safeguard_security	hp nonstop safeguard security	le	g06.29
hp:nonstop_safeguard_security	hp nonstop safeguard security	le	h06.28.01
hp:nonstop_safeguard_security	hp nonstop safeguard security	le	j06.17.01

References

secunia.com/advisories/59981

www.securityfocus.com/bid/69147

www.securitytracker.com/id/1030697

h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=c04391893

6.4 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

48.2%

JSON

Related for CVE-2014-2629

cvelist1 nvd1 prion1