Vulnerability Details CVE-2011-4157
Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on the HP StorageWorks P4000 Virtual SAN Appliance allows remote attackers to execute arbitrary code via a crafted login request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.329
EPSS Ranking 96.7%
CVSS Severity
CVSS v2 Score 10.0
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03082086
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03082086
- http://www.securityfocus.com/bid/47005
- http://www.securityfocus.com/bid/51042
- http://www.zerodayinitiative.com/advisories/ZDI-11-111/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71766
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03082086
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03082086
- http://www.securityfocus.com/bid/47005
- http://www.securityfocus.com/bid/51042
- http://www.zerodayinitiative.com/advisories/ZDI-11-111/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71766
Products affected by CVE-2011-4157
-
cpe:2.3:a:hp:centralized_management_console_software:7.0.01
-
cpe:2.3:a:hp:centralized_management_console_software:8.0
-
cpe:2.3:a:hp:centralized_management_console_software:8.1
-
cpe:2.3:a:hp:centralized_management_console_software:8.5
-
cpe:2.3:a:hp:centralized_management_console_software:9.0
-
cpe:2.3:a:hp:san/iq:8.0
-
cpe:2.3:a:hp:san/iq:8.1
-
cpe:2.3:a:hp:san/iq:8.5
-
cpe:2.3:a:hp:san/iq:9.0
-
cpe:2.3:h:hp:storageworks_p4000_virtual_san_appliance:*