Remote Bypass Security Restriction Vulnerability in HPE Network Node Manager i Software
CVE-2017-8948

9.8CRITICAL

Key Information:

Vendor: HP
Status: Network Node Manager I (nnmi) Software
Vendor: CVE Published:; 15 February 2018

Summary

A vulnerability exists in the HPE Network Node Manager i Software, which allows an attacker to bypass security restrictions remotely. This affects versions v10.0x, v10.1x, and v10.2x, potentially exposing sensitive network management operations to unauthorized access or manipulation. Proper remediation is critical to safeguard network integrity.

Affected Version(s)

Network Node Manager i (NNMi) Software v10.0x, v10.1x, v10.2x

References

http://www.securityfocus.com/bid/99342

vdb-entryx_refsource_BID

https://support.hpe.com/hpsc/doc/public/display?docId=emr...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 15, 2018
Vulnerability Reserved
May 15, 2017