HPSBPI02635 SSRT100391 rev.2 - HP Web Jetadmin Running on Windows, Local Unauthorized Access to Managed Resources

Potential Security Impact

Local unauthorized access to managed resources

VULNERABILITY SUMMARY

A potential security vulnerability has been identified with HP Web Jetadmin running on Windows. The vulnerability could be exploited by a local user to gain unauthorized access to resources managed by Web Jetadmin.

RESOLUTION

HP has provided HP Web Jetadmin v10.2 Service Release 5 or later to resolve the vulnerability. HP Web Jetadmin v10.2 Service Release 5 or later is available on the HP Web Jetadmin web page.

> note:
>
> Until HP Web Jetadmin v10.2 Service Release 5 or subsequent is installed, the following recommendations can work around the vulnerability. These recommendations are worthwhile even after the update is installed.
>
> Administrators should ensure that HP Web Jetadmin application features are secured from unauthorized access and the server hosting HP Web Jetadmin is secured from unauthorized access.