CVE-2011-0890 : HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70,

HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read community.

Published 2011-03-25 18:55:01

Updated 2025-04-11 00:51:22

Source HP Inc.

View at NVD, CVE.org

Products affected by CVE-2011-0890

HP » Discovery&dependency Mapping Inventory » Version: 7.51
cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:7.51:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
HP » Discovery&dependency Mapping Inventory » Version: 7.50
cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:7.50:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
HP » Discovery&dependency Mapping Inventory » Version: 7.60
cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:7.60:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
HP » Discovery&dependency Mapping Inventory » Version: 7.70
cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:7.70:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
HP » Discovery&dependency Mapping Inventory » Version: 9.30
cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:9.30:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
HP » Discovery&dependency Mapping Inventory » Version: 7.61
cpe:2.3:a:hp:discovery\&dependency_mapping_inventory:7.61:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows

Exploit prediction scoring system (EPSS) score for CVE-2011-0890

EPSS FAQ

0.74%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 71 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2011-0890

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2011-0890

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2011-0890

http://securityreason.com/securityalert/8163

HP Discovery & Dependency Mapping Inventory Insecure SNMP Configuration - CXSecurity.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/66242

HP Discovery and Dependency Mapping Inventory SNMP information disclosure CVE-2011-0890 Vulnerability Report
http://marc.info/?l=bugtraq&m=130082163516878&w=2

'[security bulletin] HPSBMA02647 SSRT100383 rev.1 - HP Discovery & Dependency Mapping Inventory (DDMI' - MARC
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0755

Webmail | OVH- OVH
http://www.securityfocus.com/bid/46981

HP Discovery and Dependency Mapping Inventory SNMP Information Disclosure Vulnerability
http://securitytracker.com/id?1025239

HP Discovery & Dependency Mapping Inventory (DDMI) Configuration Flaw Lets Remote Users Gain SNMP - SecurityTracker

Jump to

Vulnerability Details : CVE-2011-0890

Products affected by CVE-2011-0890

Exploit prediction scoring system (EPSS) score for CVE-2011-0890

CVSS scores for CVE-2011-0890

CWE ids for CVE-2011-0890

References for CVE-2011-0890