Improper Input Validation in HPE Insight Control by Hewlett Packard Enterprise
CVE-2017-8969

5.7MEDIUM

Key Information:

Vendor: HP
Status: Insight Control
Vendor: CVE Published:; 15 February 2018

Summary

An input validation vulnerability exists in HPE Insight Control version 7.6 LR1, which could allow an attacker to exploit this weakness and potentially manipulate application behavior. The lack of sufficient validation of user inputs may lead to unforeseen consequences, emphasizing the importance of ensuring secure coding practices and the necessity of timely updates to safeguard against potential exploits.

Affected Version(s)

Insight Control 7.6 LR1

References

https://support.hpe.com/hpsc/doc/public/display?docId=emr...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/101883

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 15, 2018
Vulnerability Reserved
May 15, 2017