CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0CVE-2018-7119
https://notcve.org/view.php?id=CVE-2018-7119
A Local Disclosure of Sensitive Information vulnerability was identified in HPE NonStop Safeguard earlier than version SPR T9750L01^AIC or T9750H05^AIH, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND; all versions on H-series. STDSEC-STANDARD SECURITY PROD All prior versions before T6533L01^ADU or T6533H05^ADW, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND and all versions on H-series . Note that some commands in NonStop Safeguard and NonStop Standard Security software require username and password to be passed as command line parameters, which may lead to a local disclosure of the credentials. Se identificó una vulnerabilidad de Revelación de información local sensible en HPE NonStop Safeguard, versión anterior a SPR T9750L01^AIC o T9750H05^AIH, y en versiones posteriores cuando el atributo de configuración PASSWORD-PROMPT no está configurado en BLIND; todas las versiones en H-series. STDSEC-STANDARD SECURITY PROD Todas las versiones anteriores a T6533L01^ADU o T6533H05^ADW, y las versiones posteriores cuando el atributo de configuración PASSWORD-PROMPT no está configurado en BLIND y todas las versiones de la serie H . • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03910en_us •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2015-2123
https://notcve.org/view.php?id=CVE-2015-2123
Unspecified vulnerability in HP NonStop Safeguard Security Software H06.x, L15.02, and J06.x before J06.19 allows remote authenticated users to gain privileges by leveraging Expand access. Vulnerabilidad no especificada en HP NonStop Safeguard Security Software H06.x, L15.02, y J06.x anterior a J06.19 permite a usuarios remotos autenticados ganar privilegios mediante el aprovechamiento del acceso a Expand. • http://www.securityfocus.com/bid/74819 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04683599 •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2014-2629
https://notcve.org/view.php?id=CVE-2014-2629
HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, and J06.03 through J06.17.01 does not properly evaluate the DISKFILE-PATTERN ACL of a program object file, which allows remote authenticated users to bypass intended restrictions on program access via vectors related to process-creation time. HP NonStop Safeguard Security Software G, H06.03 hasta H06.28.01, y J06.03 hasta J06.17.01 no evalúa debidamente el DISKFILE-PATTERN ACL de un fichero de objeto de programa, lo que permite a usuarios remotos autenticados evadir las restricciones sobre el acceso a programas a través de vectores relacionados con el tiempo de la creación de procesos. • http://secunia.com/advisories/59981 http://www.securityfocus.com/bid/69147 http://www.securitytracker.com/id/1030697 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=c04391893 • CWE-264: Permissions, Privileges, and Access Controls •