Vulnerability Details CVE-2007-3260
HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.0%
CVSS Severity
CVSS v2 Score 9.0
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01072894
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01072894
- http://osvdb.org/37513
- http://secunia.com/advisories/25689
- http://www.securityfocus.com/bid/24486
- http://www.securitytracker.com/id?1018256
- http://www.vupen.com/english/advisories/2007/2232
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34900
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01072894
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01072894
- http://osvdb.org/37513
- http://secunia.com/advisories/25689
- http://www.securityfocus.com/bid/24486
- http://www.securitytracker.com/id?1018256
- http://www.vupen.com/english/advisories/2007/2232
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34900
Products affected by CVE-2007-3260
-
cpe:2.3:a:hp:system_management_homepage:-
-
cpe:2.3:a:hp:system_management_homepage:2.0.0
-
cpe:2.3:a:hp:system_management_homepage:2.0.1
-
cpe:2.3:a:hp:system_management_homepage:2.0.1.104
-
cpe:2.3:a:hp:system_management_homepage:2.0.2
-
cpe:2.3:a:hp:system_management_homepage:2.0.2.106
-
cpe:2.3:a:hp:system_management_homepage:2.1
-
cpe:2.3:a:hp:system_management_homepage:2.1.0-103
-
cpe:2.3:a:hp:system_management_homepage:2.1.0-103(a)
-
cpe:2.3:a:hp:system_management_homepage:2.1.0-109
-
cpe:2.3:a:hp:system_management_homepage:2.1.0-118
-
cpe:2.3:a:hp:system_management_homepage:2.1.0.121
-
cpe:2.3:a:hp:system_management_homepage:2.1.1
-
cpe:2.3:a:hp:system_management_homepage:2.1.2
-
cpe:2.3:a:hp:system_management_homepage:2.1.2-127
-
cpe:2.3:a:hp:system_management_homepage:2.1.2.127
-
cpe:2.3:a:hp:system_management_homepage:2.1.3
-
cpe:2.3:a:hp:system_management_homepage:2.1.3.132
-
cpe:2.3:a:hp:system_management_homepage:2.1.4
-
cpe:2.3:a:hp:system_management_homepage:2.1.4-143
-
cpe:2.3:a:hp:system_management_homepage:2.1.4.143
-
cpe:2.3:a:hp:system_management_homepage:2.1.5
-
cpe:2.3:a:hp:system_management_homepage:2.1.5-146
-
cpe:2.3:a:hp:system_management_homepage:2.1.5.146
-
cpe:2.3:a:hp:system_management_homepage:2.1.6
-
cpe:2.3:a:hp:system_management_homepage:2.1.6-156
-
cpe:2.3:a:hp:system_management_homepage:2.1.6.156
-
cpe:2.3:a:hp:system_management_homepage:2.1.7
-
cpe:2.3:a:hp:system_management_homepage:2.1.7-168
-
cpe:2.3:a:hp:system_management_homepage:2.1.7.168
-
cpe:2.3:a:hp:system_management_homepage:2.1.8