Vulnerability Details CVE-2007-4590
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.8%
CVSS Severity
CVSS v2 Score 3.3
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118367
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118367
- http://osvdb.org/37563
- http://secunia.com/advisories/26599
- http://securitytracker.com/id?1018607
- http://www.securityfocus.com/bid/25469
- http://www.vupen.com/english/advisories/2007/2985
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5515
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118367
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118367
- http://osvdb.org/37563
- http://secunia.com/advisories/26599
- http://securitytracker.com/id?1018607
- http://www.securityfocus.com/bid/25469
- http://www.vupen.com/english/advisories/2007/2985
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5515
Products affected by CVE-2007-4590
-
cpe:2.3:a:hp:dynrootdisk:a.1.0.16.417
-
cpe:2.3:a:hp:dynrootdisk:a.1.0.18.245
-
cpe:2.3:a:hp:dynrootdisk:a.1.1.0.344
-
cpe:2.3:a:hp:dynrootdisk:a.2.0.0.592
-
cpe:2.3:a:hp:ignite-ux:c.7.0.212
-
cpe:2.3:a:hp:ignite-ux:c.7.1.92
-
cpe:2.3:a:hp:ignite-ux:c.7.2.93
-
cpe:2.3:a:hp:ignite-ux:c.7.3.144
-
cpe:2.3:o:hp:hp-ux:11.11
-
cpe:2.3:o:hp:hp-ux:11.23
-
cpe:2.3:o:hp:hp-ux:11.31