CVE-2007-5008Improper Authentication in HP Hp-ux

CWE-287Improper Authentication3 documents3 sources
Severity
9.0CRITICALNVD
EPSS
1.1%
top 22.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
HP Hp-ux
Timeline
PublishedSep 20
Latest updateMay 1

Description

The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

NVDhp/hp-ux11.11, 11.23, 11.31+2

🔴Vulnerability Details

2
GHSA
GHSA-phq3-r69w-jcx7: The logins command in HP-UX B2022-05-01
CVEList
CVE-2007-5008: The logins command in HP-UX B2007-09-20
CVE-2007-5008 — Improper Authentication in HP Hp-ux | cvebase