CVE-2006-4201 - Unspecified vulnerability in the backup agent and Cell Manager in HP OpenView Storage Data Protector

CVE-2006-4201

Summary

Unspecified vulnerability in the backup agent and Cell Manager in HP OpenView Storage Data Protector 5.1 and 5.5 before 20060810 allows remote attackers to execute arbitrary code on an agent via unspecified vectors related to authentication and input validation. A patch is available for affected versions.

References

Vulnerable Configurations

cpe:2.3:a:hp:openview_storage_data_protector:5.1:*:*:*:*:*:*:*
cpe:2.3:a:hp:openview_storage_data_protector:5.1:*:*:*:*:*:*:*
cpe:2.3:a:hp:openview_storage_data_protector:-:*:*:*:*:*:*:*
cpe:2.3:a:hp:openview_storage_data_protector:-:*:*:*:*:*:*:*
cpe:2.3:a:hp:openview_storage_data_protector:5.5:*:*:*:*:*:*:*
cpe:2.3:a:hp:openview_storage_data_protector:5.5:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 20-07-2017 - 01:32)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	19495
cert-vn	VU#673228
hp	HPSBMA02138 SSRT061184
misc	http://jvn.jp/niscc/NISCC-412866/ http://www.uniras.gov.uk/niscc/docs/re-20060811-00547.pdf?lang=en
sectrack	1016688
secunia	21485
vupen	ADV-2006-3273
xf	hp-openview-backup-agent-command-execution(28348)

Last major update

20-07-2017 - 01:32

Published

17-08-2006 - 21:04

Last modified

20-07-2017 - 01:32