CVE-2010-1972 — HIGH (9.0) — White Hats Nepal

Vulnerability Description

The default configuration of HP Client Automation (HPCA) Enterprise Infrastructure (aka Radia) allows remote attackers to read log files, and consequently cause a denial of service or have unspecified other impact, via web requests.

CVSS Score

9.0

HIGH

AV:N/AC:L/Au:N/C:C/I:P/A:P

Confidentiality

COMPLETE

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Hp	Client Automation Enterprise Infrastructure	All versions

Related Weaknesses (CWE)

CWE-16

References

http://marc.info/?l=bugtraq&m=127905601332098&w=2Vendor Advisory
http://secunia.com/advisories/40592Vendor Advisory
http://securitytracker.com/id?1024191
http://marc.info/?l=bugtraq&m=127905601332098&w=2Vendor Advisory
http://secunia.com/advisories/40592Vendor Advisory
http://securitytracker.com/id?1024191

FAQ

What is CVE-2010-1972?

CVE-2010-1972 is a vulnerability with a CVSS score of 9.0 (HIGH). The default configuration of HP Client Automation (HPCA) Enterprise Infrastructure (aka Radia) allows remote attackers to read log files, and consequently cause a denial of service or have unspecified...

How severe is CVE-2010-1972?

CVE-2010-1972 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2010-1972?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Client Automation Enterprise Infrastructure.