CVE-2009-2899

The monitor perl script in the Sybase database plug-in in SpringSource Hyperic HQ before 4.3 allows local users to obtain the database password by listing the process and its arguments.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 11%
VendorProductVersion
vmwarehyperic_hq
𝑥
≤ 4.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://communities.vmware.com/thread/348773
http://support.springsource.com/security/CVE-2009-2899
https://jira.hyperic.com/browse/HHQ-1031
http://communities.vmware.com/thread/348773
http://support.springsource.com/security/CVE-2009-2899
https://jira.hyperic.com/browse/HHQ-1031