Remote Privilege Escalation in HPE CentralView Fraud Risk Management
CVE-2017-8992

9.8CRITICAL

Key Information:

Vendor: HP
Status: HP Centralview Fraud Risk Management
Vendor: CVE Published:; 6 August 2018

Summary

Hewlett Packard Enterprise has identified a significant security flaw in HPE CentralView Fraud Risk Management prior to version 6.1. This vulnerability allows unauthorized users to escalate their privileges remotely, potentially leading to unauthorized access and manipulation of sensitive information. The issue has been addressed in update HF16, applicable for HPE CV 6.1 and later versions, emphasizing the importance of regular updates to safeguard against such vulnerabilities.

Affected Version(s)

HPE CentralView Fraud Risk Management CV 6.1

References

https://support.hpe.com/hpsc/doc/public/display?docLocale...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 6, 2018
Vulnerability Reserved
May 15, 2017