Remote Unauthenticated Access to Files in HPE CentralView Fraud Risk Management
CVE-2018-7069

7.5HIGH

Key Information:

Vendor: HP
Status: HP Centralview Fraud Risk Management
Vendor: CVE Published:; 6 August 2018

Summary

HPE CentralView Fraud Risk Management versions earlier than 6.1 are susceptible to a vulnerability that allows remote unauthenticated users to access files. This security flaw poses a risk to data integrity and confidentiality. The issue has been addressed in HF16 for HPE CV 6.1 and later versions, ensuring enhanced security measures against unauthorized access.

Affected Version(s)

HPE CentralView Fraud Risk Management earlier than version CV 6.1

References

https://support.hpe.com/hpsc/doc/public/display?docLocale...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 6, 2018
Vulnerability Reserved
Feb 15, 2018