Release date:
Updated on:
Affected Systems:
HP Network Automation 9.10
HP Network Automation 9.0
HP Network Automation 7.6
HP Network Automation 7.6
HP Network Automation 7.2
Unaffected system:
HP Network Automation 9.10.2
Description:
--------------------------------------------------------------------------------
Bugtraq id: 51746
Cve id: CVE-2011-4790
The HP Network Automation software helps you view, automatically run, and closely monitor changing Network environments in real time, improving your security.
HP Network Automation has an illegal access vulnerability. A remote attacker can exploit this vulnerability to obtain unauthorized administrator access and completely control the affected devices.
<* Source: HP
Link: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay? DocId = emr_na-c03171149 & ac. admitted = 1328080304223.876444892.199480143
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
HP
--
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://itrc.hp.com