CVE-2000-0159HP Hp-ux vulnerability

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.7%
top 28.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
HP Hp-ux
Timeline
PublishedFeb 17
Latest updateApr 30

Description

HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDhp/hp-ux11.00

🔴Vulnerability Details

2
GHSA
GHSA-4hjr-mh66-rpm7: HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker2022-04-30
CVEList
CVE-2000-0159: HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker2000-04-18
CVE-2000-0159 — HP Hp-ux vulnerability | cvebase