CVE-2014-2603

Unspecified vulnerability on HP 8/20q switches, SN6000 switches, and 8Gb Simple SAN Connection Kit with firmware before 8.0.14.08.00 allows remote authenticated users to obtain sensitive information via unknown vectors.

CVSS v2.0 1.7 LOW

1.7^/10

CVSS v2.0 : LOW

Vector : AV:N/AC:H/Au:M/C:P/I:N/A:N

Exploitability : 3.2 / Impact : 2.9

Access Vector NETWORK

Access Complexity HIGH

Authentication MULTIPLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04277407	Vendor Advisory

Advertisement

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:hp:hp_h-series_fibre_channel_switch_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:hp:8\/20q_fibre_channel_switch_8_port:aq233a:::::::*
	cpe:2.3:h:hp:sn6000_stackable_8gb_24-port_dual_power_fibre_channel_switch:aw576b:::::::*
	cpe:2.3:h:hp:sn6000_stackable_8gb_12-port_single_power_fibre_channel_switch:bk780b:::::::*
	cpe:2.3:h:hp:8\/20q_fibre_channel_switch_16_port:ak242b:::::::*
	cpe:2.3:h:hp:8\/20q_fibre_channel_switch_16_port:ak242a:::::::*
	cpe:2.3:h:hp:8gb_simple_san_connection_kit:ak241b:::::::*
	cpe:2.3:h:hp:8gb_simple_san_connection_kit:ak241a:::::::*
	cpe:2.3:h:hp:sn6000_stackable_8gb_24-port_single_power_fibre_channel_switch:aw575b:::::::*
	cpe:2.3:h:hp:sn6000_stackable_8gb_12-port_single_power_fibre_channel_switch:bk780a:::::::*
	cpe:2.3:h:hp:8\/20q_fibre_channel_switch_8_port:aq233b:::::::*
	cpe:2.3:h:hp:sn6000_stackable_8gb_24-port_single_power_fibre_channel_switch:aw575a:::::::*
	cpe:2.3:h:hp:sn6000_stackable_8gb_24-port_dual_power_fibre_channel_switch:aw576a:::::::*

Information

Published : 2014-05-09 18:55

Updated : 2019-10-09 16:10

NVD link : CVE-2014-2603

Mitre link : CVE-2014-2603

JSON object : View

CWE

NVD-CWE-noinfo

Advertisement

Products Affected

hp

8\/20q_fibre_channel_switch_16_port
sn6000_stackable_8gb_24-port_dual_power_fibre_channel_switch
8\/20q_fibre_channel_switch_8_port
sn6000_stackable_8gb_24-port_single_power_fibre_channel_switch
sn6000_stackable_8gb_12-port_single_power_fibre_channel_switch
8gb_simple_san_connection_kit
hp_h-series_fibre_channel_switch_firmware

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04277407", "name": "SSRT101555", "tags": ["Vendor Advisory"], "refsource": "HP"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability on HP 8/20q switches, SN6000 switches, and 8Gb Simple SAN Connection Kit with firmware before 8.0.14.08.00 allows remote authenticated users to obtain sensitive information via unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2014-2603", "ASSIGNER": "hp-security-alert@hp.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 1.7, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:M/C:P/I:N/A:N", "authentication": "MULTIPLE", "integrityImpact": "NONE", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "LOW", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 3.2, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-05-10T01:55Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:hp:hp_h-series_fibre_channel_switch_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "8.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:hp:8\\/20q_fibre_channel_switch_8_port:aq233a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:hp:sn6000_stackable_8gb_24-port_dual_power_fibre_channel_switch:aw576b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:hp:sn6000_stackable_8gb_12-port_single_power_fibre_channel_switch:bk780b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:hp:8\\/20q_fibre_channel_switch_16_port:ak242b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:hp:8\\/20q_fibre_channel_switch_16_port:ak242a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:hp:8gb_simple_san_connection_kit:ak241b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:hp:8gb_simple_san_connection_kit:ak241a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:hp:sn6000_stackable_8gb_24-port_single_power_fibre_channel_switch:aw575b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:hp:sn6000_stackable_8gb_12-port_single_power_fibre_channel_switch:bk780a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:hp:8\\/20q_fibre_channel_switch_8_port:aq233b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:hp:sn6000_stackable_8gb_24-port_single_power_fibre_channel_switch:aw575a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:hp:sn6000_stackable_8gb_24-port_dual_power_fibre_channel_switch:aw576a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2019-10-09T23:10Z"}