CVE-2007-5084

Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others.

Published: Oct 1, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-5084
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
broadcom / brightstor_hierarchical_storage_manager	-	11.5.x

http://dvlabs.tippingpoint.com/advisory/TPTI-07-17
http://secunia.com/advisories/26914
http://securitytracker.com/id?1018747
http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692
http://www.securityfocus.com/archive/1/480808/100/0/threaded
http://www.securityfocus.com/bid/25823
http://www.vupen.com/english/advisories/2007/3275
https://exchange.xforce.ibmcloud.com/vulnerabilities/36828

Vulnerability Database

CVE-2007-5084