Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ETINET BACKBOX E4.09 and H4.09 mismanages password access control. When a user uses the User ID of the process running BBSV to login to the Backbox UI application, the system procedure (USER_AUTHENTICATE_) used for verifying the Password returns 0 (no error). The reason is that the user is not running the XYGate application. Hence, BBSV assumes the Password is correct. For H4.09, the affected version isT0954V04^AAO. For E4.09, the affected version is 22SEP2020. Note: If your current version is E4.10-16MAY2021 (version procedure T9999V04_16MAY2022_BPAKETI_10), a hotfix (FIXPAK-19OCT-2022) is available in version E4.10-19OCT2022. Resolution to CVE-2021-33895 in version E4.11-19OCT2022
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Hewlett Packard Enterprise BackBox 授权问题漏洞
Vulnerability Description
Hewlett Packard Enterprise BackBox是美国慧与(Hewlett Packard Enterprise)公司的提供将HPE不间断BackBox产品部署到您的备份和恢复操作中所需的功能。 Hewlett Packard Enterprise BACKBOX 存在授权问题漏洞,该漏洞源于E4.09和H4.09错误管理密码访问控制。当用户使用运行BBSV的进程的user ID登录到Backbox UI应用程序时,用于验证密码的系统过程(user AUTHENTICATE)返回0(没
CVSS Information
N/A
Vulnerability Type
N/A