CVE-2011-0890 - OpenCVE

HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read community.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hp	Discovery\&dependency Mapping Inventory
Microsoft	Windows

Configuration 1 [-]

AND

OR	cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:7.50:::::::*
	cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:7.51:::::::*
	cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:7.60:::::::*
	cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:7.61:::::::*
	cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:7.70:::::::*
	cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:9.30:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=130082163516878&w=2
http://securityreason.com/securityalert/8163
http://securitytracker.com/id?1025239
http://www.securityfocus.com/bid/46981
http://www.vupen.com/english/advisories/2011/0755
https://exchange.xforce.ibmcloud.com/vulnerabilities/66242

History

No history.

MITRE

Status: PUBLISHED

Assigner: hp

Published: 2011-03-25T18:00:00

Updated: 2024-08-06T22:05:54.579Z

Reserved: 2011-02-04T00:00:00

Link: CVE-2011-0890

Vulnrichment

No data.

NVD

Status : Modified

Published: 2011-03-25T18:55:01.450

Modified: 2017-08-17T01:33:44.587

Link: CVE-2011-0890

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-03-21T00:00:00", "descriptions": [{"lang": "en", "value": "HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read community."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp"}, "references": [{"name": "hp-discovery-snmp-info-disclosure(66242)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66242"}, {"name": "1025239", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1025239"}, {"name": "8163", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8163"}, {"name": "SSRT100383", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=130082163516878&w=2"}, {"name": "HPSBMA02647", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=130082163516878&w=2"}, {"name": "ADV-2011-0755", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0755"}, {"name": "46981", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/46981"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "hp-security-alert@hp.com", "ID": "CVE-2011-0890", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read community."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "hp-discovery-snmp-info-disclosure(66242)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66242"}, {"name": "1025239", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1025239"}, {"name": "8163", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8163"}, {"name": "SSRT100383", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=130082163516878&w=2"}, {"name": "HPSBMA02647", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=130082163516878&w=2"}, {"name": "ADV-2011-0755", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0755"}, {"name": "46981", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46981"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:05:54.579Z"}, "title": "CVE Program Container", "references": [{"name": "hp-discovery-snmp-info-disclosure(66242)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66242"}, {"name": "1025239", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1025239"}, {"name": "8163", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8163"}, {"name": "SSRT100383", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=130082163516878&w=2"}, {"name": "HPSBMA02647", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=130082163516878&w=2"}, {"name": "ADV-2011-0755", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0755"}, {"name": "46981", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/46981"}]}]}, "cveMetadata": {"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "assignerShortName": "hp", "cveId": "CVE-2011-0890", "datePublished": "2011-03-25T18:00:00", "dateReserved": "2011-02-04T00:00:00", "dateUpdated": "2024-08-06T22:05:54.579Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hp:discovery\\&dependency_mapping_inventory:7.50:*:*:*:*:*:*:*", "matchCriteriaId": "044B28F0-C1C5-4BE6-ADA7-28341024A1C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:discovery\\&dependency_mapping_inventory:7.51:*:*:*:*:*:*:*", "matchCriteriaId": "146FFF61-C7B7-404C-9697-97AAF1138FAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:discovery\\&dependency_mapping_inventory:7.60:*:*:*:*:*:*:*", "matchCriteriaId": "FD17A792-40FD-4032-8552-14464BAF93B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:discovery\\&dependency_mapping_inventory:7.61:*:*:*:*:*:*:*", "matchCriteriaId": "839425E6-2DC4-44DE-99FA-8638B0DDC3DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:discovery\\&dependency_mapping_inventory:7.70:*:*:*:*:*:*:*", "matchCriteriaId": "B180F4F2-6FC6-41AD-8134-80023F692F66", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:discovery\\&dependency_mapping_inventory:9.30:*:*:*:*:*:*:*", "matchCriteriaId": "A5031736-4B2D-4861-A3DB-1467F212AB36", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read community."}, {"lang": "es", "value": "HP Discovery & Dependency Mapping Inventory (DDMI) v7.50, v7.51, v7.60, v7.61, v7.70 y v9.30 inicia el servicio SNMP de Windows con su configuraci\u00f3n predeterminada, lo que permite a atacantes remotos obtener informaci\u00f3n sensible u otro impacto no especificado mediante el aprovechamiento de la lectura p\u00fablica de la comunidad."}], "id": "CVE-2011-0890", "lastModified": "2017-08-17T01:33:44.587", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-03-25T18:55:01.450", "references": [{"source": "hp-security-alert@hp.com", "tags": ["Vendor Advisory"], "url": "http://marc.info/?l=bugtraq&m=130082163516878&w=2"}, {"source": "hp-security-alert@hp.com", "url": "http://securityreason.com/securityalert/8163"}, {"source": "hp-security-alert@hp.com", "url": "http://securitytracker.com/id?1025239"}, {"source": "hp-security-alert@hp.com", "url": "http://www.securityfocus.com/bid/46981"}, {"source": "hp-security-alert@hp.com", "url": "http://www.vupen.com/english/advisories/2011/0755"}, {"source": "hp-security-alert@hp.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66242"}], "sourceIdentifier": "hp-security-alert@hp.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}