Sensitive Information Disclosure in HPE SiteScope
CVE-2017-8949

5.5MEDIUM

Key Information:

Vendor
HP
Status
Sitescope
Vendor
CVE Published:
15 February 2018

Summary

A vulnerability has been identified in HPE SiteScope, specifically within versions 11.2x and 11.3x, that allows for the disclosure of sensitive information. This flaw could potentially expose critical system data, posing a risk to the integrity and confidentiality of user information. Users and administrators are urged to evaluate their implementations and apply necessary security updates to mitigate exposure.

Affected Version(s)

SiteScope v11.2x, v11.3x

References

http://www.securitytracker.com/id/1038791
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/99331
vdb-entryx_refsource_BID
https://support.hpe.com/hpsc/doc/public/display?docId=emr...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.