Lucene search

[email protected]NVD:CVE-2010-4115

HistoryDec 17, 2010 - 7:00 p.m.

CVE-2010-4115

2010-12-1719:00:20

CWE-255

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.006

Percentile

79.5%

JSON

HP StorageWorks Modular Smart Array P2000 G3 firmware TS100R011, TS100R025, TS100P002, TS200R005, TS201R014, and TS201R015 installs an undocumented admin account with a default “!admin” password, which allows remote attackers to gain privileges.

Affected configurations

Nvd

Node

hpstorageworks_modular_smart_array_p2000_g3

AND

hpstorageworks_modular_smart_array_p2000_g3_firmwareMatchts100p002

hpstorageworks_modular_smart_array_p2000_g3_firmwareMatchts100r011

hpstorageworks_modular_smart_array_p2000_g3_firmwareMatchts100r025

hpstorageworks_modular_smart_array_p2000_g3_firmwareMatchts200r005

hpstorageworks_modular_smart_array_p2000_g3_firmwareMatchts201r014

hpstorageworks_modular_smart_array_p2000_g3_firmwareMatchts201r015

VendorProductVersionCPE
hpstorageworks_modular_smart_array_p2000_g3*cpe:2.3:h:hp:storageworks_modular_smart_array_p2000_g3:*:*:*:*:*:*:*:*
hpstorageworks_modular_smart_array_p2000_g3_firmwarets100p002cpe:2.3:a:hp:storageworks_modular_smart_array_p2000_g3_firmware:ts100p002:*:*:*:*:*:*:*
hpstorageworks_modular_smart_array_p2000_g3_firmwarets100r011cpe:2.3:a:hp:storageworks_modular_smart_array_p2000_g3_firmware:ts100r011:*:*:*:*:*:*:*
hpstorageworks_modular_smart_array_p2000_g3_firmwarets100r025cpe:2.3:a:hp:storageworks_modular_smart_array_p2000_g3_firmware:ts100r025:*:*:*:*:*:*:*
hpstorageworks_modular_smart_array_p2000_g3_firmwarets200r005cpe:2.3:a:hp:storageworks_modular_smart_array_p2000_g3_firmware:ts200r005:*:*:*:*:*:*:*
hpstorageworks_modular_smart_array_p2000_g3_firmwarets201r014cpe:2.3:a:hp:storageworks_modular_smart_array_p2000_g3_firmware:ts201r014:*:*:*:*:*:*:*
hpstorageworks_modular_smart_array_p2000_g3_firmwarets201r015cpe:2.3:a:hp:storageworks_modular_smart_array_p2000_g3_firmware:ts201r015:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hp	storageworks_modular_smart_array_p2000_g3	*	cpe:2.3:h:hp:storageworks_modular_smart_array_p2000_g3::::::::
hp	storageworks_modular_smart_array_p2000_g3_firmware	ts100p002	cpe:2.3:a:hp:storageworks_modular_smart_array_p2000_g3_firmware:ts100p002:::::::*
hp	storageworks_modular_smart_array_p2000_g3_firmware	ts100r011	cpe:2.3:a:hp:storageworks_modular_smart_array_p2000_g3_firmware:ts100r011:::::::*
hp	storageworks_modular_smart_array_p2000_g3_firmware	ts100r025	cpe:2.3:a:hp:storageworks_modular_smart_array_p2000_g3_firmware:ts100r025:::::::*
hp	storageworks_modular_smart_array_p2000_g3_firmware	ts200r005	cpe:2.3:a:hp:storageworks_modular_smart_array_p2000_g3_firmware:ts200r005:::::::*
hp	storageworks_modular_smart_array_p2000_g3_firmware	ts201r014	cpe:2.3:a:hp:storageworks_modular_smart_array_p2000_g3_firmware:ts201r014:::::::*
hp	storageworks_modular_smart_array_p2000_g3_firmware	ts201r015	cpe:2.3:a:hp:storageworks_modular_smart_array_p2000_g3_firmware:ts201r015:::::::*

References

archives.neohapsis.com/archives/bugtraq/2010-12/0104.html

marc.info/?l=bugtraq&m=129251637904727&w=2

secunia.com/advisories/42583

www.securityfocus.com/archive/1/515196/100/0/threaded

www.securityfocus.com/archive/1/515251/100/0/threaded

www.securityfocus.com/archive/1/515262/100/0/threaded

www.securityfocus.com/bid/45386

www.securitytracker.com/id?1024904

www.vupen.com/english/advisories/2010/3250

exchange.xforce.ibmcloud.com/vulnerabilities/64125

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.006

Percentile

79.5%

JSON

Related for NVD:CVE-2010-4115

cve1 securityvulns2 cvelist1 prion1 nessus1