CVE-2011-0890

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

P Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read community.

References

Link	Resource
http://marc.info/?l=bugtraq&m=130082163516878&w=2	Vendor Advisory
http://marc.info/?l=bugtraq&m=130082163516878&w=2	Vendor Advisory
http://securityreason.com/securityalert/8163
http://securitytracker.com/id?1025239
http://www.securityfocus.com/bid/46981
http://www.vupen.com/english/advisories/2011/0755
https://exchange.xforce.ibmcloud.com/vulnerabilities/66242
http://marc.info/?l=bugtraq&m=130082163516878&w=2	Vendor Advisory
http://marc.info/?l=bugtraq&m=130082163516878&w=2	Vendor Advisory
http://securityreason.com/securityalert/8163
http://securitytracker.com/id?1025239
http://www.securityfocus.com/bid/46981
http://www.vupen.com/english/advisories/2011/0755
https://exchange.xforce.ibmcloud.com/vulnerabilities/66242

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:7.50:::::::*
	cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:7.51:::::::*
	cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:7.60:::::::*
	cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:7.61:::::::*
	cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:7.70:::::::*
	cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:9.30:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:25

Type	Values Removed	Values Added
References	~~() http://marc.info/?l=bugtraq&m=130082163516878&w=2 - Vendor Advisory~~	() http://marc.info/?l=bugtraq&m=130082163516878&w=2 - Vendor Advisory
References	~~() http://securityreason.com/securityalert/8163 -~~	() http://securityreason.com/securityalert/8163 -
References	~~() http://securitytracker.com/id?1025239 -~~	() http://securitytracker.com/id?1025239 -
References	~~() http://www.securityfocus.com/bid/46981 -~~	() http://www.securityfocus.com/bid/46981 -
References	~~() http://www.vupen.com/english/advisories/2011/0755 -~~	() http://www.vupen.com/english/advisories/2011/0755 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/66242 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/66242 -

Information

Published : 2011-03-25 18:55

Updated : 2025-04-11 00:51

NVD link : CVE-2011-0890

Mitre link : CVE-2011-0890

CVE.ORG link : CVE-2011-0890

JSON object : View

Products Affected

discovery\&dependency_mapping_inventory

microsoft

windows

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

5.0 /10