Local Privilege Escalation Vulnerability in HPE Version Control Repository Manager
CVE-2022-28619

7.8HIGH

Key Information:

Vendor: HP
Status: HP Version Control Repository Manager
Vendor: CVE Published:; 24 June 2022

What is CVE-2022-28619?

A potential security vulnerability has been discovered in the installer of HPE Version Control Repository Manager, which may allow local users to escalate their privileges. This issue can lead to unauthorized access and manipulation of system roles. HPE has released an update to address this vulnerability in version 7.6.14.0 of the HPE Version Control Repository Manager installer. It is crucial for users to apply this update to safeguard their systems and maintain security integrity.

Affected Version(s)

HPE Version Control Repository Manager Prior to v7.6.14.0

References

https://support.hpe.com/hpsc/doc/public/display?docLocale...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 24, 2022
Vulnerability Reserved
Apr 4, 2022