ID CVE-2004-1345
Summary Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 allows local users with the "ESMUser" role to gain root access.
References
Vulnerable Configurations
  • cpe:2.3:h:sun:storedge_3310_scsi_array:*:*:*:*:*:*:*:*
    cpe:2.3:h:sun:storedge_3310_scsi_array:*:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:storedge_3510_fc_array:*:*:*:*:*:*:*:*
    cpe:2.3:h:sun:storedge_3510_fc_array:*:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:enterprise_storage_manager:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:sun:enterprise_storage_manager:2.1:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 11-10-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
assigner via4 cve@mitre.org
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
non_vulnerable_configuration via4
    oval via4
    accepted 2009-07-13T04:00:30.181-04:00
    class vulnerability
    contributors
    • name Brian Soby
      organization The MITRE Corporation
    • name Jonathan Baker
      organization The MITRE Corporation
    description Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 allows local users with the "ESMUser" role to gain root access.
    family unix
    id oval:org.mitre.oval:def:1707
    status accepted
    submitted 2005-01-19T12:00:00.000-04:00
    title Enterprise Storage Manager 2.1 SAN Manager management station patch
    version 31
    refmap via4
    bid 10580
    cert-vn VU#976470
    ciac O-166
    secunia 11935
    sunalert 57581
    xf esm-esmuser-gain-privileges(16463)
    vulnerable_product via4
      Last major update 11-10-2017 - 01:29
      Published 21-06-2004 - 04:00
      Back to Top