CVE-2007-3260 — HP System Management Homepage vulnerability

3 documents3 sources

Severity

9.0CRITICALNVD

EPSS

0.4%

top 37.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP System Management Homepage

Timeline

PublishedJun 19

Latest updateMay 1

Description

HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

▶NVDhp/system_management_homepage2.1.8

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-29p8-p94j-7f9c: HP System Management Homepage (SMH) before 2↗2022-05-01

▶

CVEList

CVE-2007-3260: HP System Management Homepage (SMH) before 2↗2007-06-19

▶