Open URL Redirection Vulnerability in HPE XP P9000 Command View Software
CVE-2018-7091

6.1MEDIUM

Key Information:

Vendor: HP
Status: HP Xp P9000 Command View Advanced Edition Software (cvae)
Vendor: CVE Published:; 6 August 2018

Summary

The HPE XP P9000 Command View Advanced Edition Software contains a vulnerability that allows an attacker to exploit an open URL redirection issue. This flaw exists in specific versions of the software, enabling attackers to redirect users to malicious URLs under certain conditions. Successful exploitation could lead to phishing attacks or other security risks. Users are advised to update to the latest version to mitigate potential threats.

Affected Version(s)

HPE XP P9000 Command View Advanced Edition Software (CVAE) versions 7.0.0-00 to earlier than 8.60-00

References

https://support.hpe.com/hpsc/doc/public/display?docLocale...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Aug 6, 2018
Vulnerability Reserved
Feb 15, 2018