CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
5.1%
HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the (1) SYS$CRELNM and (2) SYS$DELLNM system services.
Vendor | Product | Version | CPE |
---|---|---|---|
hp | decnet_plus_for_openvms | 8.3 | cpe:2.3:a:hp:decnet_plus_for_openvms:8.3:*:*:*:*:*:*:* |
hp | openvms | 8.3 | cpe:2.3:a:hp:openvms:8.3:*:*:*:*:*:*:* |