VYPR
← All advisories
Unrated severityNVD Advisory· Published Oct 29, 2007· Updated Apr 23, 2026

CVE-2007-5413

CVE-2007-5413

Description

httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView Configuration Management (CM) Infrastructure 4.0 through 4.2i and Client Configuration Manager (CCM) 2.0 allows remote attackers to read arbitrary files via URLs containing tilde (~) references to home directories, as demonstrated by ~root.

Affected products

21
  • HP/Openview Client Configuraton Manager
    cpe:2.3:a:hp:openview_client_configuraton_manager:2.0:*:windows:*:*:*:*:*
  • HP/Openview Configuration Management20 versions
    cpe:2.3:a:hp:openview_configuration_management:4.0:*:aix:*:*:*:*:*+ 19 more
    • cpe:2.3:a:hp:openview_configuration_management:4.0:*:aix:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.0:*:hpux:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.0:*:linux:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.0:*:solaris:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.0:*:windows:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.1:*:aix:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.1:*:hpux:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.1:*:linux:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.1:*:solaris:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.1:*:windows:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.2:*:aix:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.2:*:hpux:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.2i:*:aix:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.2i:*:hpux:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.2i:*:linux:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.2i:*:solaris:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.2i:*:windows:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.2:*:linux:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.2:*:solaris:*:*:*:*:*
    • cpe:2.3:a:hp:openview_configuration_management:4.2:*:windows:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

8

News mentions

0

No linked articles in our index yet.