Lucene search

K
cve[email protected]CVE-2018-7091
HistoryAug 06, 2018 - 8:29 p.m.

CVE-2018-7091

2018-08-0620:29:02
CWE-601
web.nvd.nist.gov
18
hpe
xp p9000
cvae
software
open url
redirection
vulnerability
nvd

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.4%

HPE XP P9000 Command View Advanced Edition Software (CVAE) has open URL redirection vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr.

Affected configurations

NVD
Node
hpxp_9000_command_viewRange7.0.0-008.60-00advanced

CNA Affected

[
  {
    "product": "HPE XP P9000 Command View Advanced Edition Software (CVAE)",
    "vendor": "Hewlett Packard Enterprise",
    "versions": [
      {
        "status": "affected",
        "version": "versions 7.0.0-00 to earlier than 8.60-00"
      }
    ]
  }
]

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.4%

Related for CVE-2018-7091