{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-09-27T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "26914", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26914"}, {"name": "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"}, {"name": "ADV-2007-3275", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3275"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692"}, {"name": "25823", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25823"}, {"name": "ca-brightstor-csagent-sql-injection(36828)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36828"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"}, {"name": "1018747", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1018747"}, {"tags": ["x_refsource_MISC"], "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-17"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5084", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "26914", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26914"}, {"name": "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"}, {"name": "ADV-2007-3275", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3275"}, {"name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692", "refsource": "CONFIRM", "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692"}, {"name": "25823", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25823"}, {"name": "ca-brightstor-csagent-sql-injection(36828)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36828"}, {"name": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp", "refsource": "CONFIRM", "url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"}, {"name": "1018747", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1018747"}, {"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-17", "refsource": "MISC", "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-17"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:17:28.214Z"}, "title": "CVE Program Container", "references": [{"name": "26914", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26914"}, {"name": "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"}, {"name": "ADV-2007-3275", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/3275"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692"}, {"name": "25823", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/25823"}, {"name": "ca-brightstor-csagent-sql-injection(36828)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36828"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"}, {"name": "1018747", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1018747"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-17"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5084", "datePublished": "2007-10-01T20:00:00.000Z", "dateReserved": "2007-09-25T00:00:00.000Z", "dateUpdated": "2024-08-07T15:17:28.214Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:broadcom:brightstor_hierarchical_storage_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F3BF860-8EF3-42D6-B6A3-8E6A8DAFDF26", "versionEndIncluding": "11.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) versiones anteriores a r11.6, permite a atacantes remotos ejecutar comandos SQL arbitrarios por medio de los comandos de servicio CsAgent con opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, y posiblemente otros."}], "id": "CVE-2007-5084", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-10-01T20:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-17"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26914"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1018747"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/25823"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3275"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36828"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-17"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26914"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1018747"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/25823"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3275"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36828"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}