CVE-2008-3539

11.09.2008, 01:12

Unspecified vulnerability in HP OpenView Select Identity (HPSI) Connectors on Windows, as used in HPSI Active Directory Connector 2.30 and earlier, HPSI SunOne Connector 1.14 and earlier, HPSI eDirectory Connector 1.12 and earlier, HPSI eTrust Connector 1.02 and earlier, HPSI OID Connector 1.02 and earlier, HPSI IBM Tivoli Dir Connector 1.02 and earlier, HPSI TOPSecret Connector 2.22.001 and earlier, HPSI RACF Connector 1.12.001 and earlier, HPSI ACF2 Connector 1.02 and earlier, HPSI OpenLDAP Connector 1.02 and earlier, and HPSI BiDir DirX Connector 1.00.003 and earlier, allows local users to obtain sensitive information via unknown vectors.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	2.1 UNKNOWN	LOCAL	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N
mitre	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 31%

Vendor	Product	Version
hp	hpsi_acf2_connector	𝑥 ≤ 1.02
hp	hpsi_active_directory_connector	𝑥 ≤ 1.70.003
hp	hpsi_active_directory_connector	𝑥 ≤ 2.10.002
hp	hpsi_active_directory_connector	𝑥 ≤ 2.20
hp	hpsi_active_directory_connector	𝑥 ≤ 2.30
hp	hpsi_bidir_dirx_connector	𝑥 ≤ 1.00.003
hp	hpsi_edirectory_connector	𝑥 ≤ 1.12
hp	hpsi_etrust_connector	𝑥 ≤ 1.02
hp	hpsi_oid_connector	𝑥 ≤ 1.02
hp	hpsi_openldap_connector	𝑥 ≤ 1.02
hp	hpsi_racf_connector	𝑥 ≤ 1.12.001
hp	hpsi_sunone_connector	𝑥 ≤ 1.14
hp	hpsi_topsecret_connector	𝑥 ≤ 2.22.001
hp	ibm_tivoli_dir_connector	𝑥 ≤ 1.02

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References

http://marc.info/?l=bugtraq&m=122062779731581&w=2

http://secunia.com/advisories/31764

http://securityreason.com/securityalert/4236

http://securitytracker.com/id?1020821

http://www.securityfocus.com/bid/31024

http://www.vupen.com/english/advisories/2008/2501

https://exchange.xforce.ibmcloud.com/vulnerabilities/44916

http://marc.info/?l=bugtraq&m=122062779731581&w=2

http://secunia.com/advisories/31764

http://securityreason.com/securityalert/4236

http://securitytracker.com/id?1020821

http://www.securityfocus.com/bid/31024

http://www.vupen.com/english/advisories/2008/2501

https://exchange.xforce.ibmcloud.com/vulnerabilities/44916