CVE-2010-4105

Unspecified vulnerability in HP Insight Orchestration before 6.2 allows remote attackers to bypass intended access restrictions, and obtain sensitive information or modify data, via unknown vectors.

CVSS v2.0 6.4 MEDIUM

6.4^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/42036	Vendor Advisory
http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02573285
http://www.securityfocus.com/bid/44534
http://www.vupen.com/english/advisories/2010/2829	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:hp:insight_orchestration::::::::
	cpe:2.3:a:hp:insight_orchestration:6.0:::::::*

History

No history.

Information

Published : 2010-11-02 02:26

Updated : 2024-02-28 11:41

NVD link : CVE-2010-4105

Mitre link : CVE-2010-4105

CVE.ORG link : CVE-2010-4105

JSON object : View

Products Affected

hp

insight_orchestration

CWE

NVD-CWE-noinfo

{"id": "CVE-2010-4105", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-11-02T02:26:30.990", "references": [{"url": "http://secunia.com/advisories/42036", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02573285", "source": "hp-security-alert@hp.com"}, {"url": "http://www.securityfocus.com/bid/44534", "source": "hp-security-alert@hp.com"}, {"url": "http://www.vupen.com/english/advisories/2010/2829", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in HP Insight Orchestration before 6.2 allows remote attackers to bypass intended access restrictions, and obtain sensitive information or modify data, via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en HP Insight Orchestration en versiones anteriores a la v6.2 permite a atacantes remotos evitar las restricciones de acceso, y obtener informaci\u00f3n confidencial o modificar datos, a trav\u00e9s de vectores de ataque desconocidos."}], "lastModified": "2019-10-09T23:01:44.220", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:insight_orchestration:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00538581-90F7-4018-9CCC-57DC8AE198B7", "versionEndIncluding": "6.1"}, {"criteria": "cpe:2.3:a:hp:insight_orchestration:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AB453E5-DBAA-4F65-9E91-B5541CA1D5D9"}], "operator": "OR"}]}], "sourceIdentifier": "hp-security-alert@hp.com"}