Security Vulnerability in HPE 3PAR Service Processor
CVE-2018-7095

9.8CRITICAL

Key Information:

Vendor: HP
Status: HP 3par Service Processors
Vendor: CVE Published:; 14 August 2018

What is CVE-2018-7095?

A vulnerability has been identified in the HPE 3PAR Service Processor that could potentially allow an attacker to bypass access restrictions. This issue affects versions prior to SP-4.4.0.GA-110(MU7). It is critical for organizations using this product to address this vulnerability to safeguard against unauthorized access and enhance their overall security posture.

Affected Version(s)

HPE 3PAR Service Processors Prior to SP-4.4.0.GA-110(MU7)

References

https://support.hpe.com/hpsc/doc/public/display?docLocale...

x_refsource_CONFIRM

https://support.hpe.com/hpsc/doc/public/display?docLocale...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2018
Vulnerability Reserved
Feb 15, 2018