CVE-2007-4590 — HP Dynrootdisk vulnerability

3 documents3 sources

Severity

3.3LOWNVD

EPSS

0.1%

top 75.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Dynrootdisk HP Hp-ux HP Ignite-ux

Timeline

PublishedAug 29

Latest updateMay 1

Description

The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.

CVSS vector

AV:L/AC:M/C:N/I:P/A:PExploitability: 3.4 | Impact: 4.9

Affected Packages3 packages

▶NVDhp/ignite-ux4 versions+3

▶NVDhp/dynrootdisk4 versions+3

▶NVDhp/hp-ux11.11, 11.23, 11.31+2

Patches

Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-qx4f-wxcg-v25j: The get_system_info command in Ignite-UX C↗2022-05-01

▶

CVEList

CVE-2007-4590: The get_system_info command in Ignite-UX C↗2007-08-29

▶