3.7 - HPSBPV02754 SSRT100803

Executive Summary

Summary
Title	HP ProCurve 5400 zl Switch, Compact flash card contains trojan malware

Informations
Name	HPSBPV02754 SSRT100803	First vendor Publication	2012-04-10
Vendor	HP	Last vendor Modification	2012-04-26
Severity (Vendor)	N/A	Revision	2

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:H/Au:N/C:P/I:P/A:P)
Cvss Base Score	3.7	Attack Range	Local
Cvss Impact Score	6.4	Attack Complexity	High
Cvss Expoit Score	1.9	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A potential security vulnerability has been identified with certain HP ProCurve 5400 zl switches using a compact flash card which may contain malware content that is a PC trojan executable. The ProCurve switch operating system is not infected with the malware and the content on the compact flash card has no impact on the operation of the switch. Reuse of the compact flash card in a personal computer and manual execution of the malware content could result in a compromise of that system's integrity.

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03249176

CPE : Common Platform Enumeration

Type	Description	Count
Hardware	Hp Procurve Switch 5400Zl cpe:2.3:h:hp:procurve_switch_5400zl::::::::	1
Hardware	Hp Procurve Switch 5400Zl Management Module cpe:2.3:h:hp:procurve_switch_5400zl_management_module:id126as0fb:::::::* cpe:2.3:h:hp:procurve_switch_5400zl_management_module:id117as00h:::::::* cpe:2.3:h:hp:procurve_switch_5400zl_management_module:id116as0hr:::::::* cpe:2.3:h:hp:procurve_switch_5400zl_management_module:id116as04p:::::::*	4
Hardware	Hp Procurve Switch 5406-44g-Poe+-4sfpzl cpe:2.3:h:hp:procurve_switch_5406-44g-poe+-4sfpzl:-:::::::*	1
Hardware	Hp Procurve Switch 5406-48gzl cpe:2.3:h:hp:procurve_switch_5406-48gzl:-:::::::*	1
Hardware	Hp Procurve Switch 5406Zl-44g-Poe+/2Xg Sfp+ V2 cpe:2.3:h:hp:procurve_switch_5406zl-44g-poe+/2xg_sfp+_v2:-:::::::*	1
Hardware	Hp Procurve Switch 5406Zl-44g-Poe+/4G Sfp+ V2 cpe:2.3:h:hp:procurve_switch_5406zl-44g-poe+/4g_sfp+_v2:-:::::::*	1
Hardware	Hp Procurve Switch 5412-92g-Poe+-4sfpzl cpe:2.3:h:hp:procurve_switch_5412-92g-poe+-4sfpzl:-:::::::*	1
Hardware	Hp Procurve Switch 5412-96gzl cpe:2.3:h:hp:procurve_switch_5412-96gzl:-:::::::*	1
Hardware	Hp Procurve Switch 5412Zl-92g-Poe+/4G Sfp+ V2 cpe:2.3:h:hp:procurve_switch_5412zl-92g-poe+/4g_sfp+_v2:-:::::::*	1
Hardware	Hp Procurve Switch 5412Zl-92gg-Poe+/2Xg Sfp+ V2 cpe:2.3:h:hp:procurve_switch_5412zl-92gg-poe+/2xg_sfp+_v2:-:::::::*	1
Hardware	Hp Procurve Switch Chassis E5406Zl cpe:2.3:h:hp:procurve_switch_chassis_e5406zl:-:::::::*	1
Hardware	Hp Procurve Switch Chassis E5412Zl cpe:2.3:h:hp:procurve_switch_chassis_e5412zl:-:::::::*	1
Hardware	Hp Procurve Switch E5406Zl cpe:2.3:h:hp:procurve_switch_e5406zl:-:::::::*	1
Hardware	Hp Procurve Switch E5412Zl cpe:2.3:h:hp:procurve_switch_e5412zl:-:::::::*	1

Information Assurance Vulnerability Management (IAVM)

Date	Description
2012-04-19	IAVM : 2012-B-0044 - HP ProCurve 5400 zl Switches Security Vulnerability Severity : Category II - VMSKEY : V0032006

Nessus® Vulnerability Scanner

Date	Description
2013-08-13	Name : The remote host is missing a vendor-supplied software update. File : hp_procurve_HPSBPV02754.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-11-11 12:41:02	Multiple Updates

Global Informations

Type	Count
CPE ID(s)	17
IAVM(s)	1
Nessus® Exploit(s)	1

	Related
3.7	CVE-2012-0133
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

3.7 - HPSBPV02754 SSRT100803

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CPE : Common Platform Enumeration

Information Assurance Vulnerability Management (IAVM)

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU