CVE-2009-4184

Unspecified vulnerability in HP Enterprise Cluster Master Toolkit (ECMT) B.05.00 on HP-UX B.11.23 (11i v2) and HP-UX B.11.31 (11i v3) allows local users to gain access to an Oracle or Sybase database via unknown vectors.

CVSS v2.0 6.2 MEDIUM

6.2^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:S/C:C/I:C/A:N

Exploitability : 3.1 / Impact : 9.2

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact NONE

References

Link	Resource
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01894850	Vendor Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01894850	Vendor Advisory
http://secunia.com/advisories/38423	Vendor Advisory
http://www.securityfocus.com/bid/38035
http://www.securitytracker.com/id?1023523
http://www.vupen.com/english/advisories/2010/0272	Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12172
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8305
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01894850	Vendor Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01894850	Vendor Advisory
http://secunia.com/advisories/38423	Vendor Advisory
http://www.securityfocus.com/bid/38035
http://www.securitytracker.com/id?1023523
http://www.vupen.com/english/advisories/2010/0272	Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12172
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8305

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:hp:enterprise_cluster_master_toolkit:b.05.00:*:*:*:*:*:*:*

OR	cpe:2.3:o:hp:hp-ux:11.11i:v2::::::
	cpe:2.3:o:hp:hp-ux:11.11i:v3::::::

History

21 Nov 2024, 01:09

Type	Values Removed	Values Added
References	~~() http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01894850 - Vendor Advisory~~	() http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01894850 - Vendor Advisory
References	~~() http://secunia.com/advisories/38423 - Vendor Advisory~~	() http://secunia.com/advisories/38423 - Vendor Advisory
References	~~() http://www.securityfocus.com/bid/38035 -~~	() http://www.securityfocus.com/bid/38035 -
References	~~() http://www.securitytracker.com/id?1023523 -~~	() http://www.securitytracker.com/id?1023523 -
References	~~() http://www.vupen.com/english/advisories/2010/0272 - Vendor Advisory~~	() http://www.vupen.com/english/advisories/2010/0272 - Vendor Advisory
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12172 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12172 -
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8305 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8305 -

Information

Published : 2010-02-03 18:30

Updated : 2025-04-11 00:51

NVD link : CVE-2009-4184

Mitre link : CVE-2009-4184

CVE.ORG link : CVE-2009-4184

JSON object : View

Products Affected

hp-ux
enterprise_cluster_master_toolkit

CWE

NVD-CWE-noinfo

{"id": "CVE-2009-4184", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:N", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 9.2, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-02-03T18:30:00.547", "references": [{"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01894850", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01894850", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "http://secunia.com/advisories/38423", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "http://www.securityfocus.com/bid/38035", "source": "hp-security-alert@hp.com"}, {"url": "http://www.securitytracker.com/id?1023523", "source": "hp-security-alert@hp.com"}, {"url": "http://www.vupen.com/english/advisories/2010/0272", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12172", "source": "hp-security-alert@hp.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8305", "source": "hp-security-alert@hp.com"}, {"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01894850", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01894850", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/38423", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/38035", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1023523", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2010/0272", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12172", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8305", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in HP Enterprise Cluster Master Toolkit (ECMT) B.05.00 on HP-UX B.11.23 (11i v2) and HP-UX B.11.31 (11i v3) allows local users to gain access to an Oracle or Sybase database via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad inespec\u00edfica en HP Enterprise Cluster Master Toolkit (ECMT) B.05.00 en HP-UX B.11.23 (11i v2) y HP-UX B.11.31 (11i v3) permite a usuarios locales conseguir el acceso a las bases de datos Oracle o Sybase a trav\u00e9s de vectores desconocidos."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:enterprise_cluster_master_toolkit:b.05.00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B27AD5BD-96F7-473B-B395-D364306E19BC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:hp-ux:11.11i:v2:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "27B6D1F2-1FB4-4E43-8457-5D0FEF1AD37E"}, {"criteria": "cpe:2.3:o:hp:hp-ux:11.11i:v3:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DCD6B8FB-B76F-4F94-B831-CEB3BDF0A275"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "hp-security-alert@hp.com"}

6.2 /10