HPSBPI02635 SSRT100391 rev.2 - HP Web Jetadmin Running on Windows, Local Unauthorized Access to Managed Resources

2011-02-08T00:00:00
ID HP:C02714670
Type hp
Reporter HP Product Security Response Team
Modified 2018-05-21T00:00:00

Description

Potential Security Impact

Local unauthorized access to managed resources

VULNERABILITY SUMMARY

A potential security vulnerability has been identified with HP Web Jetadmin running on Windows. The vulnerability could be exploited by a local user to gain unauthorized access to resources managed by Web Jetadmin.

RESOLUTION

HP has provided HP Web Jetadmin v10.2 Service Release 5 or later to resolve the vulnerability. HP Web Jetadmin v10.2 Service Release 5 or later is available on the HP Web Jetadmin web page.

> note: > > Until HP Web Jetadmin v10.2 Service Release 5 or subsequent is installed, the following recommendations can work around the vulnerability. These recommendations are worthwhile even after the update is installed. > > Administrators should ensure that HP Web Jetadmin application features are secured from unauthorized access and the server hosting HP Web Jetadmin is secured from unauthorized access.