ID CVE-2004-1345
Summary Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 allows local users with the "ESMUser" role to gain root access.
References
Vulnerable Configurations
  • cpe:2.3:h:sun:storedge_3310_scsi_array:*:*:*:*:*:*:*:*
    cpe:2.3:h:sun:storedge_3310_scsi_array:*:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:storedge_3510_fc_array:*:*:*:*:*:*:*:*
    cpe:2.3:h:sun:storedge_3510_fc_array:*:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:enterprise_storage_manager:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:sun:enterprise_storage_manager:2.1:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 11-10-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
oval via4
accepted 2009-07-13T04:00:30.181-04:00
class vulnerability
contributors
  • name Brian Soby
    organization The MITRE Corporation
  • name Jonathan Baker
    organization The MITRE Corporation
description Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 allows local users with the "ESMUser" role to gain root access.
family unix
id oval:org.mitre.oval:def:1707
status accepted
submitted 2005-01-19T12:00:00.000-04:00
title Enterprise Storage Manager 2.1 SAN Manager management station patch
version 31
refmap via4
bid 10580
cert-vn VU#976470
ciac O-166
secunia 11935
sunalert 57581
xf esm-esmuser-gain-privileges(16463)
Last major update 11-10-2017 - 01:29
Published 21-06-2004 - 04:00
Back to Top