HP-UX System Management Homepage, Disclosure of Information
CVE-2023-50271

7.2HIGH

Key Information:

Vendor: HP
Status: HPE System Management Homepage (SMH)
Vendor: CVE Published:; 17 December 2023

Summary

A security vulnerability has been discovered in HP-UX System Management Homepage (SMH) that can be exploited by both local and remote attackers. This vulnerability poses a risk of unauthorized information disclosure, potentially allowing attackers to access sensitive system data. Users and administrators are urged to review their HP-UX SMH installations and apply relevant security measures.

Affected Version(s)

HPE System Management Homepage (SMH) HP-UX Prior to HPE SMH ver.A.3.2.23.09

References

https://support.hpe.com/hpesc/public/docDisplay?docLocale...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Dec 17, 2023
Vulnerability Reserved
Dec 6, 2023