Security Flaw in HP Insight Control Server Provisioning Revealing Sensitive Data
CVE-2015-6858

3.7LOW

Key Information:

Vendor
HP
Status
Insight Management
Vendor
CVE Published:
5 January 2016

Summary

A vulnerability exists in HP Insight Control Server Provisioning prior to version 7.5.0, which allows remote attackers to exploit unspecified vectors to gain access to sensitive information. This could potentially lead to unauthorized exposure of data, thereby raising significant security concerns for users and organizations relying on this software.

References

http://www.securitytracker.com/id/1034310
vdb-entryx_refsource_SECTRACK
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/do...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/79343
vdb-entryx_refsource_BID

CVSS V3.1

Score:
3.7
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.