PT-2014-4833 · Hewlett Packard · Hp Nonstop Safeguard Security
Published
2014-08-12
·
Updated
2017-01-07
·
CVE-2014-2629
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
HP NonStop Safeguard Security Software G versions H06.03 through H06.28.01
HP NonStop Safeguard Security Software G versions J06.03 through J06.17.01
Description
The issue is related to the improper evaluation of the DISKFILE-PATTERN ACL of a program object file. This allows remote authenticated users to bypass intended restrictions on program access via vectors related to process-creation time.
Recommendations
For versions H06.03 through H06.28.01, update to a version that properly evaluates the DISKFILE-PATTERN ACL to prevent unauthorized access.
For versions J06.03 through J06.17.01, update to a version that properly evaluates the DISKFILE-PATTERN ACL to prevent unauthorized access.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hp Nonstop Safeguard Security