SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Storage)  >   HPE StorageWorks Vendors:   HPE
HP StorageWorks X9000 Expired Password Accounts Can Be Accessed By Remote Users
SecurityTracker Alert ID:  1025031
SecurityTracker URL:  http://securitytracker.com/id/1025031
CVE Reference:   CVE-2010-0833   (Links to External Site)
Date:  Feb 8 2011
Impact:   User access via network
Vendor Confirmed:  Yes  
Version(s): X9000; 5.4
Description:   A vulnerability was reported in HP StorageWorks X9000. A remote user can gain access to the target system.

A remote user can gain access to accounts with expired passwords on the target system.

Impact:   A remote user can gain access to the target system.
Solution:   The vendor has described a workaround:

1. Explicitly disable the local Administrator account.
2. Explicitly disable any lsassd local-provider accounts that are not in use.

The vendor's advisory is available at:

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02712670

Vendor URL:  h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02712670 (Links to External Site)
Cause:   Access control error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC