2.1

CVE-2008-3539

EPSS 0.12%
Veröffentlicht 11.09.2008 01:12:57
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Unspecified vulnerability in HP OpenView Select Identity (HPSI) Connectors on Windows, as used in HPSI Active Directory Connector 2.30 and earlier, HPSI SunOne Connector 1.14 and earlier, HPSI eDirectory Connector 1.12 and earlier, HPSI eTrust Connector 1.02 and earlier, HPSI OID Connector 1.02 and earlier, HPSI IBM Tivoli Dir Connector 1.02 and earlier, HPSI TOPSecret Connector 2.22.001 and earlier, HPSI RACF Connector 1.12.001 and earlier, HPSI ACF2 Connector 1.02 and earlier, HPSI OpenLDAP Connector 1.02 and earlier, and HPSI BiDir DirX Connector 1.00.003 and earlier, allows local users to obtain sensitive information via unknown vectors.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hp ≫ Hpsi Acf2 Connector Version <= 1.02

Microsoft ≫ Windows

Hp ≫ Hpsi Active Directory Connector Version <= 1.70.003

Microsoft ≫ Windows

Hp ≫ Hpsi Active Directory Connector Version <= 2.10.002

Microsoft ≫ Windows

Hp ≫ Hpsi Active Directory Connector Version <= 2.20

Microsoft ≫ Windows

Hp ≫ Hpsi Active Directory Connector Version <= 2.30

Microsoft ≫ Windows

Hp ≫ Hpsi Bidir Dirx Connector Version <= 1.00.003

Microsoft ≫ Windows

Hp ≫ Hpsi Edirectory Connector Version <= 1.12

Microsoft ≫ Windows

Hp ≫ Hpsi Etrust Connector Version <= 1.02

Microsoft ≫ Windows

Hp ≫ Hpsi Oid Connector Version <= 1.02

Microsoft ≫ Windows

Hp ≫ Hpsi Openldap Connector Version <= 1.02

Microsoft ≫ Windows

Hp ≫ Hpsi Racf Connector Version <= 1.12.001

Microsoft ≫ Windows

Hp ≫ Hpsi Sunone Connector Version <= 1.14

Microsoft ≫ Windows

Hp ≫ Hpsi Topsecret Connector Version <= 2.22.001

Microsoft ≫ Windows

Hp ≫ Ibm Tivoli Dir Connector Version <= 1.02

Microsoft ≫ Windows

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.12%	0.275

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://marc.info/?l=bugtraq&m=122062779731581&w=2

Patch

http://secunia.com/advisories/31764

http://securityreason.com/securityalert/4236

http://securitytracker.com/id?1020821

http://www.securityfocus.com/bid/31024

http://www.vupen.com/english/advisories/2008/2501

https://exchange.xforce.ibmcloud.com/vulnerabilities/44916

https://nvd.nist.gov/vuln/detail/CVE-2008-3539

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-3539

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-3539

EUVD