CVE-2014-2629

Published Aug 12, 2014

Last updated 8 years ago

Overview

Description: HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, and J06.03 through J06.17.01 does not properly evaluate the DISKFILE-PATTERN ACL of a program object file, which allows remote authenticated users to bypass intended restrictions on program access via vectors related to process-creation time.
Source: hp-security-alert@hp.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4
Impact score: 2.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-264

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:hp:nonstop_safeguard_security:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DC2FFC0-5BF6-401F-ADB4-48BF20B06415",
            "versionEndIncluding": "g06.29"
          },
          {
            "criteria": "cpe:2.3:a:hp:nonstop_safeguard_security:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "312E3B13-FD91-4BED-96A4-C51420AA59E2",
            "versionEndIncluding": "h06.28.01"
          },
          {
            "criteria": "cpe:2.3:a:hp:nonstop_safeguard_security:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61538466-AFDE-4D12-A696-C015E9A82AEF",
            "versionEndIncluding": "j06.17.01"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References