CVE-2013-6204

The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-2004.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04140965

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:hp:application_information_optimizer:6.2:::::::*
	cpe:2.3:a:hp:application_information_optimizer:6.3:::::::*
	cpe:2.3:a:hp:application_information_optimizer:6.4:::::::*
	cpe:2.3:a:hp:application_information_optimizer:7.0:::::::*
	cpe:2.3:a:hp:application_information_optimizer:7.1:::::::*

History

No history.

Information

Published : 2014-02-26 14:55

Updated : 2024-02-28 12:20

NVD link : CVE-2013-6204

Mitre link : CVE-2013-6204

CVE.ORG link : CVE-2013-6204

JSON object : View

Products Affected

hp

application_information_optimizer

CWE

NVD-CWE-noinfo

{"id": "CVE-2013-6204", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-02-26T14:55:08.397", "references": [{"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04140965", "source": "hp-security-alert@hp.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-2004."}, {"lang": "es", "value": "La consola web en HP Application Information Optimizer (anteriormente HP Database Archiving) 6.2, 6.3, 6.4, 7.0 y 7.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario u obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como ZDI-CAN-2004."}], "lastModified": "2019-10-09T23:08:54.147", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:application_information_optimizer:6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B208D0D9-82D2-446D-8949-58814BE5CE44"}, {"criteria": "cpe:2.3:a:hp:application_information_optimizer:6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F22074F7-55E9-4244-99EC-402E8F2FD839"}, {"criteria": "cpe:2.3:a:hp:application_information_optimizer:6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3D2B5F4-0EAE-4603-BCB8-DAF3FEFF4354"}, {"criteria": "cpe:2.3:a:hp:application_information_optimizer:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06D07104-7607-4F52-9440-3DBAD9FD7A6C"}, {"criteria": "cpe:2.3:a:hp:application_information_optimizer:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE8384CE-E37F-4594-9578-2B43E3666206"}], "operator": "OR"}]}], "sourceIdentifier": "hp-security-alert@hp.com"}