CVE-2015-5402

HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows local users to gain privileges, and consequently obtain sensitive information, modify data, or cause a denial of service, via unspecified vectors.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04762744	Vendor Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04774019	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:hp:systems_insight_manager:*:*:*:*:*:*:*:*

cpe:2.3:a:hp:matrix_operating_environment:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-08-27 02:59

Updated : 2015-08-27 13:38

NVD link : CVE-2015-5402

Mitre link : CVE-2015-5402

CVE.ORG link : CVE-2015-5402

JSON object : View

Products Affected

hp

systems_insight_manager
matrix_operating_environment

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2015-5402", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-08-27T02:59:02.937", "references": [{"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04762744", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04774019", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows local users to gain privileges, and consequently obtain sensitive information, modify data, or cause a denial of service, via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad en HP Systems Insight Manager (SIM) en versiones anteriores a 7.5.0, tal como se utiliza en HP Matrix Operating Environment en versiones anteriores a 7.5.0 y otros productos, permite a usuarios locales obtener privilegios y por consiguiente obtener informaci\u00f3n sensible, modificar datos o causar una denegaci\u00f3n de servicio a trav\u00e9s de vectores no especificados."}], "lastModified": "2015-08-27T13:38:35.560", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:systems_insight_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BB33421-866C-4D7A-AE82-50DB4EBBEE4C", "versionEndIncluding": "7.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:matrix_operating_environment:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "15F63F88-F511-4462-8625-800C5FF1E788", "versionEndIncluding": "7.4"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "hp-security-alert@hp.com"}