Input Validation Flaw in HPE Matrix Operating Environment Software
CVE-2017-8973

4.3MEDIUM

Key Information:

Vendor: HP
Status: Matrix Operating Environment
Vendor: CVE Published:; 15 February 2018

Summary

An input validation vulnerability exists in HPE Matrix Operating Environment version 7.6 LR1, allowing unauthorized actions due to improper handling of input data. Attackers could exploit this flaw to execute commands outside of intended functionality, potentially compromising the system's integrity and availability. Appropriate measures should be taken to address this vulnerability and enhance overall system security.

Affected Version(s)

Matrix Operating Environment 7.6 LR1

References

http://www.securityfocus.com/bid/101938

vdb-entryx_refsource_BID

https://support.hpe.com/hpsc/doc/public/display?docId=emr...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 15, 2018
Vulnerability Reserved
May 15, 2017