Authentication Bypass in HPE MSA 1040 and MSA 2040 SAN Storage
CVE-2017-8959

8.8HIGH

Key Information:

Vendor: HP
Status: Msa 1040 And 2040 San Storage
Vendor: CVE Published:; 15 February 2018

Summary

An Authentication Bypass vulnerability exists in the HPE MSA 1040 and HPE MSA 2040 SAN Storage systems. This flaw allows unauthorized users to gain access without proper credentials, potentially jeopardizing data security and integrity. Administrators are urged to apply the necessary updates to mitigate this risk.

Affected Version(s)

MSA 1040 and 2040 SAN Storage GL220P008 and earlier

References

https://support.hpe.com/hpsc/doc/public/display?docId=emr...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 15, 2018
Vulnerability Reserved
May 15, 2017