CVE-2014-2608

Unspecified vulnerability in HP Smart Update Manager 6.x before 6.4.1 on Windows, and 6.2.x through 6.4.x before 6.4.1 on Linux, allows local users to obtain sensitive information, and consequently gain privileges, via unknown vectors.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04302476	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:hpe:smart_update_manager:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:a:hpe:smart_update_manager:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-12-10 21:59

Updated : 2024-02-04 18:35

NVD link : CVE-2014-2608

Mitre link : CVE-2014-2608

CVE.ORG link : CVE-2014-2608

JSON object : View

Products Affected

microsoft

windows

hpe

smart_update_manager

linux

linux_kernel

CWE

NVD-CWE-noinfo

{"id": "CVE-2014-2608", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-12-10T21:59:02.320", "references": [{"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04302476", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in HP Smart Update Manager 6.x before 6.4.1 on Windows, and 6.2.x through 6.4.x before 6.4.1 on Linux, allows local users to obtain sensitive information, and consequently gain privileges, via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en HP Smart Update Manager 6.x anterior a 6.4.1 en Windows, y 6.2.x hasta 6.4.x anterior a 6.4.1 en Linux, permite a usuarios locales obtener informaci\u00f3n sensible, y como consecuencia ganar privilegios, a trav\u00e9s de vectores desconocidos."}], "lastModified": "2020-09-28T14:18:45.727", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hpe:smart_update_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50C769BF-169A-4EFB-952F-0EB4E972730C", "versionEndExcluding": "6.4.1", "versionStartIncluding": "6.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hpe:smart_update_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A655736F-A303-4643-801C-7415B6E3F9F7", "versionEndExcluding": "6.4.1", "versionStartIncluding": "6.2.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "hp-security-alert@hp.com"}