CVE-2007-4931
Vulnerability from cvelistv5
Published
2007-09-18 18:00
Modified
2024-08-07 15:17
Severity ?
Summary
HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL.
References
cve@mitre.orghttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065
cve@mitre.orghttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065
cve@mitre.orghttp://osvdb.org/45941
cve@mitre.orghttp://securitytracker.com/id?1018696
cve@mitre.orghttp://www.securityfocus.com/bid/25675
af854a3a-2127-422b-91ae-364da2661108http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065
af854a3a-2127-422b-91ae-364da2661108http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/45941
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1018696
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/25675
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:17:27.092Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "25675",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25675"
          },
          {
            "name": "HPSBMA02258",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065"
          },
          {
            "name": "1018696",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018696"
          },
          {
            "name": "SSRT071470",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065"
          },
          {
            "name": "45941",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/45941"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-09-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-11-15T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "25675",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25675"
        },
        {
          "name": "HPSBMA02258",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065"
        },
        {
          "name": "1018696",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018696"
        },
        {
          "name": "SSRT071470",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065"
        },
        {
          "name": "45941",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/45941"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4931",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "25675",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25675"
            },
            {
              "name": "HPSBMA02258",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065"
            },
            {
              "name": "1018696",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018696"
            },
            {
              "name": "SSRT071470",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065"
            },
            {
              "name": "45941",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/45941"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4931",
    "datePublished": "2007-09-18T18:00:00",
    "dateReserved": "2007-09-18T00:00:00",
    "dateUpdated": "2024-08-07T15:17:27.092Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD9A9442-18B7-4858-AB3A-19FE272A5C61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"90042282-9151-4D8E-8093-D85E57BD332C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3EF92B4-AAC3-4957-9D8F-1796C2045962\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D44CEFC1-CE95-4549-A981-C3F259075B77\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CFA42455-F9B9-49BD-BAFA-4A02C554ECE9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6426924C-AA5C-4C93-AB8B-9314CD010139\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A6E5C789-9827-47DF-A47C-454DF7687E59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D85F0390-B076-4B54-9E4E-67472FF3759E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20EBB25A-A1DE-4943-9EE5-0FCF21A55666\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B61485E4-6EC1-4886-AB47-F5BC8E72A08A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E354FF4-5CDD-4B79-B56C-2C774B235D78\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3DACC6F-DCE8-4890-BE47-488CB7B2DF77\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AFAF26C-7BFE-479E-880C-B13E78780625\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL.\"}, {\"lang\": \"es\", \"value\": \"HP System Management Homepage (SMH) para Windows, cuando se usa en conjunto con HP Version Control Agent o Version Control REpository Manager, deja el software OpenSSL activo despu\\u00e9s de una actualizaci\\u00f3n OpenSSL, lo cual tiene impacto y vectores de ataque desconocidos, probablemente relacionados con vulnerabilidades previas para OpenSSL.\"}]",
      "id": "CVE-2007-4931",
      "lastModified": "2024-11-21T00:36:45.020",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2007-09-18T18:17:00.000",
      "references": "[{\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://osvdb.org/45941\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1018696\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/25675\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://osvdb.org/45941\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1018696\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/25675\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-4931\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-09-18T18:17:00.000\",\"lastModified\":\"2024-11-21T00:36:45.020\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL.\"},{\"lang\":\"es\",\"value\":\"HP System Management Homepage (SMH) para Windows, cuando se usa en conjunto con HP Version Control Agent o Version Control REpository Manager, deja el software OpenSSL activo despu\u00e9s de una actualizaci\u00f3n OpenSSL, lo cual tiene impacto y vectores de ataque desconocidos, probablemente relacionados con vulnerabilidades previas para OpenSSL.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD9A9442-18B7-4858-AB3A-19FE272A5C61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90042282-9151-4D8E-8093-D85E57BD332C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3EF92B4-AAC3-4957-9D8F-1796C2045962\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D44CEFC1-CE95-4549-A981-C3F259075B77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFA42455-F9B9-49BD-BAFA-4A02C554ECE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6426924C-AA5C-4C93-AB8B-9314CD010139\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6E5C789-9827-47DF-A47C-454DF7687E59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D85F0390-B076-4B54-9E4E-67472FF3759E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20EBB25A-A1DE-4943-9EE5-0FCF21A55666\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B61485E4-6EC1-4886-AB47-F5BC8E72A08A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E354FF4-5CDD-4B79-B56C-2C774B235D78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3DACC6F-DCE8-4890-BE47-488CB7B2DF77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AFAF26C-7BFE-479E-880C-B13E78780625\"}]}]}],\"references\":[{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/45941\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1018696\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/25675\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/45941\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1018696\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/25675\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.