CVE-2008-0709

Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, 4.11, 4.12, 4.13, and 4.20 allow remote authenticated users to access other user accounts via unknown vectors, a different issue than CVE-2008-0214.

CVSS v2.0 5.5 MEDIUM

5.5^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:N

Exploitability : 8.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01391833
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01391833
http://secunia.com/advisories/29643	Vendor Advisory
http://securitytracker.com/id?1019746
http://www.securityfocus.com/bid/28558
http://www.vupen.com/english/advisories/2008/1072/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41583
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01391833
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01391833
http://secunia.com/advisories/29643	Vendor Advisory
http://securitytracker.com/id?1019746
http://www.securityfocus.com/bid/28558
http://www.vupen.com/english/advisories/2008/1072/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41583

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:microsoft:windows_2003_server::::::::
	cpe:2.3:o:redhat:linux_as3::::::::

cpe:2.3:a:hp:select_identity:4.00:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

OR	cpe:2.3:o:hp:hp-ux::::::::
	cpe:2.3:o:microsoft:windows_2003_server::::::::
	cpe:2.3:o:redhat:linux_as3::::::::
	cpe:2.3:o:sun:solaris::::::::

OR	cpe:2.3:a:hp:select_identity:4.01:::::::*
	cpe:2.3:a:hp:select_identity:4.12:::::::*
	cpe:2.3:a:hp:select_identity:4.13:::::::*

Configuration 3 (hide)

AND

OR	cpe:2.3:o:hp:hp-ux::::::::
	cpe:2.3:o:microsoft:windows_2003_server::::::::
	cpe:2.3:o:redhat:linux_as3::::::::

cpe:2.3:a:hp:select_identity:4.11:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

OR	cpe:2.3:o:hp:hp-ux::::::::
	cpe:2.3:o:microsoft:windows_2003_server::::::::
	cpe:2.3:o:redhat:linux_as4::::::::

cpe:2.3:a:hp:select_identity:4.20:*:*:*:*:*:*:*

History

21 Nov 2024, 00:42

Type	Values Removed	Values Added
References	~~() http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01391833 -~~	() http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01391833 -
References	~~() http://secunia.com/advisories/29643 - Vendor Advisory~~	() http://secunia.com/advisories/29643 - Vendor Advisory
References	~~() http://securitytracker.com/id?1019746 -~~	() http://securitytracker.com/id?1019746 -
References	~~() http://www.securityfocus.com/bid/28558 -~~	() http://www.securityfocus.com/bid/28558 -
References	~~() http://www.vupen.com/english/advisories/2008/1072/references -~~	() http://www.vupen.com/english/advisories/2008/1072/references -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/41583 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/41583 -

Information

Published : 2008-04-07 17:44

Updated : 2024-11-21 00:42

NVD link : CVE-2008-0709

Mitre link : CVE-2008-0709

CVE.ORG link : CVE-2008-0709

JSON object : View

Products Affected

hp-ux
select_identity

redhat

linux_as4
linux_as3

microsoft

windows_2003_server

sun

solaris

CWE

CWE-264

Permissions, Privileges, and Access Controls

NVD-CWE-noinfo

5.5 /10