CVE-2013-2347

Published Jan 4, 2014

Last updated 5 years ago

Overview

Description: The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.
Source: hp-security-alert@hp.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:hp-ux:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8A6DDE92-7632-40CB-A5AB-9CB5A5A5B87F"
          },
          {
            "criteria": "cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:redhat_enterprise_linux:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9F376993-B94E-40AB-8CC9-E2146E75FA19"
          },
          {
            "criteria": "cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:solaris:*:*",
            "vulnerable": false,
            "matchCriteriaId": "860CBE84-78D6-493A-8078-11011B323E7B"
          },
          {
            "criteria": "cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:windows_server_2003:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A5C9EAD-3A6A-4392-8D4E-11BD6CC0819E"
          },
          {
            "criteria": "cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:windows_server_2008:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D27B979B-DECC-4B62-A530-BC9F53D14496"
          },
          {
            "criteria": "cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:hp-ux:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1ACA6A37-A6F0-4F00-8C2B-26E6C797F12B"
          },
          {
            "criteria": "cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:redhat_enterprise_linux:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1ED73C6-45FD-47E2-B570-60C5C97B91AF"
          },
          {
            "criteria": "cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:solaris:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C311C64C-CFE0-463D-854E-47D2EB8BF227"
          },
          {
            "criteria": "cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:windows_server_2003:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75CD6409-E82D-4C4A-9CEB-9CA822A7DA05"
          },
          {
            "criteria": "cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:windows_server_2008:*:*",
            "vulnerable": true,
            "matchCriteriaId": "656B62B9-4706-4ECC-87F0-AFCB789C8C77"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References