SQL Injection Vulnerability in Poly Clariti Manager by HP
CVE-2025-43022

7.3HIGH

Key Information:

Vendor: HP
Status: Poly Clariti Manager
Vendor: CVE Published:; 22 July 2025

What is CVE-2025-43022?

An SQL injection vulnerability has been discovered in the Poly Clariti Manager, impacting versions before 10.12.1. This vulnerability may allow a privileged user to execute arbitrary SQL commands, potentially compromising the integrity of the database. HP has released a software update to mitigate this risk. Users are advised to upgrade to the latest version to safeguard their systems.

Affected Version(s)

Poly Clariti Manager See HP Security Bulletin reference for affected versions.

References

https://support.hp.com/us-en/document/ish_12781425-127814...

CVSS V4

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 22, 2025