Vulnerabilites related to hp - performance_agent
CVE-2007-4349 (GCVE-0-2007-4349)
Vulnerability from cvelistv5
Published
2008-10-23 21:00
Modified
2024-08-07 14:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:53:55.597Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4501",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4501"
},
{
"name": "HPSBMA02391",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122876677518654\u0026w=2"
},
{
"name": "1021092",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021092"
},
{
"name": "ov-traceservice-rpc-dos(46028)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46028"
},
{
"name": "27054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27054"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-83/"
},
{
"name": "20081022 Secunia Research: HP OpenView Products Shared Trace Service Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497648/100/0/threaded"
},
{
"name": "31860",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31860"
},
{
"name": "ADV-2008-2888",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2888"
},
{
"name": "HPSBMA02390",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122876827120961\u0026w=2"
},
{
"name": "SSRT071481",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122876827120961\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "4501",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4501"
},
{
"name": "HPSBMA02391",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122876677518654\u0026w=2"
},
{
"name": "1021092",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021092"
},
{
"name": "ov-traceservice-rpc-dos(46028)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46028"
},
{
"name": "27054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27054"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-83/"
},
{
"name": "20081022 Secunia Research: HP OpenView Products Shared Trace Service Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497648/100/0/threaded"
},
{
"name": "31860",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31860"
},
{
"name": "ADV-2008-2888",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2888"
},
{
"name": "HPSBMA02390",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122876827120961\u0026w=2"
},
{
"name": "SSRT071481",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122876827120961\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-4349",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4501",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4501"
},
{
"name": "HPSBMA02391",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=122876677518654\u0026w=2"
},
{
"name": "1021092",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021092"
},
{
"name": "ov-traceservice-rpc-dos(46028)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46028"
},
{
"name": "27054",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27054"
},
{
"name": "http://secunia.com/secunia_research/2007-83/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-83/"
},
{
"name": "20081022 Secunia Research: HP OpenView Products Shared Trace Service Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497648/100/0/threaded"
},
{
"name": "31860",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31860"
},
{
"name": "ADV-2008-2888",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2888"
},
{
"name": "HPSBMA02390",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=122876827120961\u0026w=2"
},
{
"name": "SSRT071481",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=122876827120961\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2007-4349",
"datePublished": "2008-10-23T21:00:00",
"dateReserved": "2007-08-14T00:00:00",
"dateUpdated": "2024-08-07T14:53:55.597Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4160 (GCVE-0-2011-4160)
Vulnerability from cvelistv5
Published
2011-11-24 02:00
Modified
2024-08-07 00:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:01:51.109Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMU02726",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132198248000785\u0026w=2"
},
{
"name": "SSRT100685",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132198248000785\u0026w=2"
},
{
"name": "46971",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46971"
},
{
"name": "50761",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50761"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-02-17T10:00:00",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBMU02726",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132198248000785\u0026w=2"
},
{
"name": "SSRT100685",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132198248000785\u0026w=2"
},
{
"name": "46971",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46971"
},
{
"name": "50761",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50761"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2011-4160",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMU02726",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132198248000785\u0026w=2"
},
{
"name": "SSRT100685",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132198248000785\u0026w=2"
},
{
"name": "46971",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46971"
},
{
"name": "50761",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50761"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2011-4160",
"datePublished": "2011-11-24T02:00:00",
"dateReserved": "2011-10-21T00:00:00",
"dateUpdated": "2024-08-07T00:01:51.109Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2008-10-23 22:00
Modified
2025-04-09 00:30
Severity ?
Summary
The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | openview_performance_agent | c.04.60 | |
| hp | openview_performance_agent | c.04.61 | |
| hp | openview_reporter | 3.70 | |
| hp | performance_agent | 4.70 | |
| hp | reporter | 3.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:openview_performance_agent:c.04.60:*:*:*:*:*:*:*",
"matchCriteriaId": "9374AB08-64F6-4376-BF01-652E88A7E050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:openview_performance_agent:c.04.61:*:*:*:*:*:*:*",
"matchCriteriaId": "15053C63-0407-422A-9E7B-591E336D6121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:openview_reporter:3.70:*:*:*:*:*:*:*",
"matchCriteriaId": "380F0F94-E4D6-4630-AC10-C4D8922760A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_agent:4.70:*:*:*:*:*:*:*",
"matchCriteriaId": "4B769539-D927-4086-9160-F162488F5337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:reporter:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2BCEDB40-6EC3-4F4F-A2E5-5B223AA58DDF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference."
},
{
"lang": "es",
"value": "El servicio Shared Trace (tambi\u00e9n se conoce como OVTrace) en HP Performance Agent versi\u00f3n C.04.70 (4.70), HP OpenView Performance Agent versiones C.04.60 y C.04.61, HP Reporter versi\u00f3n 3.8 y HP OpenView Reporter versi\u00f3n 3.7 (Informe 3.70), permite a los atacantes remotos causar una denegaci\u00f3n de servicio por medio de una serie no especificada de peticiones RPC (tambi\u00e9n se conoce como Mensajes de Eventos de Rastreo) que desencadena un acceso de memoria fuera de l\u00edmites, relacionado con una referencia de objeto err\u00f3nea."
}
],
"id": "CVE-2007-4349",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-23T22:00:01.027",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://marc.info/?l=bugtraq\u0026m=122876677518654\u0026w=2"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://marc.info/?l=bugtraq\u0026m=122876827120961\u0026w=2"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://marc.info/?l=bugtraq\u0026m=122876827120961\u0026w=2"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27054"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-83/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://securityreason.com/securityalert/4501"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/497648/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/31860"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securitytracker.com/id?1021092"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2888"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=122876677518654\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=122876827120961\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=122876827120961\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-83/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497648/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/31860"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46028"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-11-24 04:01
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | operations_agent | 11.0 | |
| hp | performance_agent | 4.73 | |
| hp | performance_agent | 5.0 | |
| hp | hp-ux | * | |
| ibm | aix | * | |
| linux | linux_kernel | * | |
| sun | sunos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:operations_agent:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D408D339-7FD3-4523-ABFD-0FA25465EF05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_agent:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "B50910AC-ED8D-4C47-BE35-49B61E1D399E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:performance_agent:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC9FC75-C471-4A41-8DF0-D61534197761",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11AEFEC9-5DB4-44CB-977D-6561DC1680C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en HP Operations Agent v11.00 y Performance Agent v4.73 y v5.0 en AIX, HP-UX, Linux, y Solaris, permite a usuarios locales evitar las restricciones de acceso del directorio a trav\u00e9s de vectores desconocidos"
}
],
"id": "CVE-2011-4160",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-11-24T04:01:06.773",
"references": [
{
"source": "hp-security-alert@hp.com",
"url": "http://marc.info/?l=bugtraq\u0026m=132198248000785\u0026w=2"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://marc.info/?l=bugtraq\u0026m=132198248000785\u0026w=2"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://secunia.com/advisories/46971"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/bid/50761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=132198248000785\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=132198248000785\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46971"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50761"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}