Local File Modification Vulnerability in HPE Moonshot Provisioning Manager
CVE-2018-7073

5.5MEDIUM

Key Information:

Vendor: HP
Status: HP Moonshot Provisioning Manager
Vendor: CVE Published:; 6 August 2018

Summary

A local arbitrary file modification vulnerability has been discovered in HPE Moonshot Provisioning Manager versions prior to v1.24. This issue can allow an attacker with local access to alter files, which could lead to further exploitation of the system. Proper security measures and updates are advised to mitigate this vulnerability.

Affected Version(s)

HPE Moonshot Provisioning Manager versions prior to v1.24

References

https://www.tenable.com/security/research/tra-2018-15

x_refsource_MISC

https://support.hpe.com/hpsc/doc/public/display?docLocale...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 6, 2018
Vulnerability Reserved
Feb 15, 2018