Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2007-5413

Опубликовано: 29 окт. 2007
Источник: nvd
CVSS2: 7.8
EPSS Низкий

Описание

httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView Configuration Management (CM) Infrastructure 4.0 through 4.2i and Client Configuration Manager (CCM) 2.0 allows remote attackers to read arbitrary files via URLs containing tilde (~) references to home directories, as demonstrated by ~root.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hp:openview_client_configuraton_manager:2.0:*:windows:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.0:*:aix:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.0:*:hpux:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.0:*:linux:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.0:*:solaris:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.0:*:windows:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.1:*:aix:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.1:*:hpux:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.1:*:linux:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.1:*:solaris:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.1:*:windows:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.2:*:aix:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.2:*:hpux:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.2:*:linux:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.2:*:solaris:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.2:*:windows:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.2i:*:aix:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.2i:*:hpux:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.2i:*:linux:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.2i:*:solaris:*:*:*:*:*
cpe:2.3:a:hp:openview_configuration_management:4.2i:*:windows:*:*:*:*:*

EPSS

Процентиль: 74%
0.00829
Низкий

7.8 High

CVSS2

Дефекты

CWE-200

Связанные уязвимости

github логотип

GHSA-7v4w-hvhc-jxvp

github
почти 4 года назад

httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView Configuration Management (CM) Infrastructure 4.0 through 4.2i and Client Configuration Manager (CCM) 2.0 allows remote attackers to read arbitrary files via URLs containing tilde (~) references to home directories, as demonstrated by ~root.

EPSS

Процентиль: 74%
0.00829
Низкий

7.8 High

CVSS2

Дефекты

CWE-200