CVE-2007-4931

HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL.

CVSS v2.0 2.1 LOW

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065
http://osvdb.org/45941
http://securitytracker.com/id?1018696
http://www.securityfocus.com/bid/25675

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:hp:system_management_homepage:2.0.0:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.0.1:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.0.2:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.1:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.2:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.3:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.3.132:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.4:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.5:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.6:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.7:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.8:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.9:::::::*

History

No history.

Information

Published : 2007-09-18 18:17

Updated : 2023-12-10 10:40

NVD link : CVE-2007-4931

Mitre link : CVE-2007-4931

CVE.ORG link : CVE-2007-4931

JSON object : View

Products Affected

hp

system_management_homepage

CWE

NVD-CWE-Other

{"id": "CVE-2007-4931", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-09-18T18:17:00.000", "references": [{"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/45941", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1018696", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/25675", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL."}, {"lang": "es", "value": "HP System Management Homepage (SMH) para Windows, cuando se usa en conjunto con HP Version Control Agent o Version Control REpository Manager, deja el software OpenSSL activo despu\u00e9s de una actualizaci\u00f3n OpenSSL, lo cual tiene impacto y vectores de ataque desconocidos, probablemente relacionados con vulnerabilidades previas para OpenSSL."}], "lastModified": "2011-03-08T02:59:40.110", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61"}, {"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C"}, {"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962"}, {"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77"}, {"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9"}, {"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139"}, {"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59"}, {"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E"}, {"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9"}, {"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666"}, {"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A"}, {"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78"}, {"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77"}, {"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}