Vulnerability Description
HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, and J06.03 through J06.17.01 does not properly evaluate the DISKFILE-PATTERN ACL of a program object file, which allows remote authenticated users to bypass intended restrictions on program access via vectors related to process-creation time.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Nonstop Safeguard Security | <= g06.29 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/59981
- http://www.securityfocus.com/bid/69147
- http://www.securitytracker.com/id/1030697
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=c04391893Vendor Advisory
- http://secunia.com/advisories/59981
- http://www.securityfocus.com/bid/69147
- http://www.securitytracker.com/id/1030697
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=c04391893Vendor Advisory
FAQ
What is CVE-2014-2629?
CVE-2014-2629 is a vulnerability with a CVSS score of 4.0 (MEDIUM). HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, and J06.03 through J06.17.01 does not properly evaluate the DISKFILE-PATTERN ACL of a program object file, which allows remote authe...
How severe is CVE-2014-2629?
CVE-2014-2629 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-2629?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Nonstop Safeguard Security.