CVE-2007-4349 — HP Openview Performance Agent vulnerability

2 documents2 sources

Severity

4.3MEDIUMNVD

EPSS

1.0%

top 23.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Openview Performance Agent HP Openview Reporter HP Performance Agent +1 more

Timeline

PublishedOct 23

Latest updateMay 1

Description

The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages4 packages

▶NVDhp/openview_performance_agentc.04.60, c.04.61+1

▶NVDhp/openview_reporter3.70

▶NVDhp/performance_agent4.70

▶NVDhp/reporter3.8

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-96px-j5gx-ww84: The Shared Trace Service (aka OVTrace) in HP Performance Agent C↗2022-05-01

▶