CVE-1999-0690Uncontrolled Search Path Element in HP Hp-ux

CWE-427Uncontrolled Search Path Element4 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.1%
top 83.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
HP Hp-ux
Timeline
PublishedJul 1
Latest updateApr 30

Description

HP CDE program includes the current directory in root's PATH variable.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDhp/hp-ux10

🔴Vulnerability Details

2
GHSA
GHSA-rf75-mr45-vgcx: HP CDE program includes the current directory in root's PATH variable2022-04-30
CVEList
CVE-1999-0690: HP CDE program includes the current directory in root's PATH variable2000-01-04

📐Framework References

1
CWE
Uncontrolled Search Path Element
CVE-1999-0690 — Uncontrolled Search Path Element in HP | cvebase