Vulnerability CVE-2010-3004

Vulnerability Name:

CVE-2010-3004 (CCN-61580)

Assigned:

2010-09-02

Published:

2010-09-02

Updated:

2019-10-09

Summary:

Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on Windows allows remote attackers to execute arbitrary code via unknown vectors.
Per: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02497800

'A potential security vulnerability has been identified with HP Operations Agent running on Windows.'
Per: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02497800

'RESOLUTION

HP has provided hotfixes for Operations Agent v7.36 and v8.6 to resolve this vulnerability. Please contact your HP Software support channel to request the hotfixes below.

For Operations agent v7.36 request hotfixes for QCCR1A106920 and QCCR1A106834.

For Operations agent v8.6 request hotfixes for QCCR1A106558 and
QCCR1A106917."

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial