Lucene search

HpeCVELIST:CVE-2022-37931

HistoryNov 22, 2022 - 4:39 a.m.

CVE-2022-37931 A vulnerability in NetBatch-Plus software allows unauthorized access to the application

2022-11-2204:39:30

CWE-287

hpe

www.cve.org

netbatch-plus

vulnerability

unauthorized access

hpe

security bulletin

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

AI Score

7.7

Confidence

High

EPSS

Percentile

12.6%

JSON

A vulnerability in NetBatch-Plus software allows unauthorized access to the application.

HPE has provided a workaround and fix. Please refer to HPE Security Bulletin

HPESBNS04388

for details.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "HPE NonStop Server"
    ],
    "product": "NetBatch-Plus software",
    "vendor": "HPE",
    "versions": [
      {
        "status": "affected",
        "version": "T9189L01 - T9189L01^ABY"
      },
      {
        "status": "affected",
        "version": "T9189H01 – T9189H01^ABW"
      }
    ]
  }
]

References

support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbns04388en_us

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

AI Score

7.7

Confidence

High

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2022-37931