PROBLEM:
HP WBEM Discloses Diagnostic Data to Remote and Local Users
PLATFORM:
HP-UX 11.11, 11.23, and 11.31
ABSTRACT:
Two vulnerabilities were reported in HP WBEM. A remote or local user can gain access to diagnostic data.
REFERENCE LINKS:
SecurityTracker Alert ID: 1026849
CVE-2012-0125
CVE-2012-0126
iIMPACT ASSESSMENT
Medium
Discussion:
A potential security vulnerability has been identified with certain HP-UX WBEM components. The vulnerability could be exploited remotely in HP-UX 11.11 and HP-UX 11.23 to gain unauthorized access to diagnostic data. The vulnerability could be exploited locally in HP-UX 11.31 to gain unauthorized access to diagnostic data.
Impact:
A remote or local user can gain access to diagnostic data.