Lucene search

[email protected]NVD:CVE-2017-5814

HistoryFeb 15, 2018 - 10:29 p.m.

CVE-2017-5814

2018-02-1522:29:06

CWE-89

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.9

Confidence

High

EPSS

0.002

Percentile

55.9%

JSON

A remote sql injection authentication bypass in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.

Affected configurations

Nvd

Node

hpnetwork_automationMatch9.10

hpnetwork_automationMatch9.20

hpnetwork_automationMatch9.22

hpnetwork_automationMatch9.22.01

hpnetwork_automationMatch9.22.02

hpnetwork_automationMatch10.00

hpnetwork_automationMatch10.00.01

hpnetwork_automationMatch10.00.02

hpnetwork_automationMatch10.10

hpnetwork_automationMatch10.11

hpnetwork_automationMatch10.21

VendorProductVersionCPE
hpnetwork_automation9.10cpe:2.3:a:hp:network_automation:9.10:*:*:*:*:*:*:*
hpnetwork_automation9.20cpe:2.3:a:hp:network_automation:9.20:*:*:*:*:*:*:*
hpnetwork_automation9.22cpe:2.3:a:hp:network_automation:9.22:*:*:*:*:*:*:*
hpnetwork_automation9.22.01cpe:2.3:a:hp:network_automation:9.22.01:*:*:*:*:*:*:*
hpnetwork_automation9.22.02cpe:2.3:a:hp:network_automation:9.22.02:*:*:*:*:*:*:*
hpnetwork_automation10.00cpe:2.3:a:hp:network_automation:10.00:*:*:*:*:*:*:*
hpnetwork_automation10.00.01cpe:2.3:a:hp:network_automation:10.00.01:*:*:*:*:*:*:*
hpnetwork_automation10.00.02cpe:2.3:a:hp:network_automation:10.00.02:*:*:*:*:*:*:*
hpnetwork_automation10.10cpe:2.3:a:hp:network_automation:10.10:*:*:*:*:*:*:*
hpnetwork_automation10.11cpe:2.3:a:hp:network_automation:10.11:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hp	network_automation	9.10	cpe:2.3:a:hp:network_automation:9.10:::::::*
hp	network_automation	9.20	cpe:2.3:a:hp:network_automation:9.20:::::::*
hp	network_automation	9.22	cpe:2.3:a:hp:network_automation:9.22:::::::*
hp	network_automation	9.22.01	cpe:2.3:a:hp:network_automation:9.22.01:::::::*
hp	network_automation	9.22.02	cpe:2.3:a:hp:network_automation:9.22.02:::::::*
hp	network_automation	10.00	cpe:2.3:a:hp:network_automation:10.00:::::::*
hp	network_automation	10.00.01	cpe:2.3:a:hp:network_automation:10.00.01:::::::*
hp	network_automation	10.00.02	cpe:2.3:a:hp:network_automation:10.00.02:::::::*
hp	network_automation	10.10	cpe:2.3:a:hp:network_automation:10.10:::::::*
hp	network_automation	10.11	cpe:2.3:a:hp:network_automation:10.11:::::::*

Rows per page:

1-10 of 111

References

www.securityfocus.com/bid/98331

www.securitytracker.com/id/1038407

support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03740en_us

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.9

Confidence

High

EPSS

0.002

Percentile

55.9%

JSON

Related for NVD:CVE-2017-5814

cve1 prion1 cvelist1 nessus1