CVE-2007-5084

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp", "name": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692", "name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/25823", "name": "25823", "tags": [], "refsource": "BID"}, {"url": "http://securitytracker.com/id?1018747", "name": "1018747", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/26914", "name": "26914", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-17", "name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-17", "tags": [], "refsource": "MISC"}, {"url": "http://www.vupen.com/english/advisories/2007/3275", "name": "ADV-2007-3275", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36828", "name": "ca-brightstor-csagent-sql-injection(36828)", "tags": [], "refsource": "XF"}, {"url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded", "name": "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-89"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-5084", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2007-10-01T20:17Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_hierarchical_storage_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "11.5"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2021-04-07T18:19Z"}