Lucene search

[email protected]NVD:CVE-2019-12001

HistoryApr 17, 2020 - 2:15 p.m.

CVE-2019-12001

2020-04-1714:15:14

CWE-613

[email protected]

web.nvd.nist.gov

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

CVSS3

6.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

42.8%

JSON

A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier.

Affected configurations

Nvd

Node

hpemsa_1040Match-

AND

hpemsa_1040_firmwareRange≤gl225p001

Node

hpemsa_2040Match-

AND

hpemsa_2040_firmwareRange≤gl225p001

Node

hpemsa_2042Match-

AND

hpemsa_2042_firmwareRange≤gl225p001

Node

hpemsa_1050Match-

AND

hpemsa_1050_firmwareRange≤ve270r001-01

Node

hpemsa_2050Match-

AND

hpemsa_2050_firmwareRange≤vl270r001-01

Node

hpemsa_2052Match-

AND

hpemsa_2052_firmwareRange≤vl270r001-01

VendorProductVersionCPE
hpemsa_1040-cpe:2.3:h:hpe:msa_1040:-:*:*:*:*:*:*:*
hpemsa_1040_firmware*cpe:2.3:o:hpe:msa_1040_firmware:*:*:*:*:*:*:*:*
hpemsa_2040-cpe:2.3:h:hpe:msa_2040:-:*:*:*:*:*:*:*
hpemsa_2040_firmware*cpe:2.3:o:hpe:msa_2040_firmware:*:*:*:*:*:*:*:*
hpemsa_2042-cpe:2.3:h:hpe:msa_2042:-:*:*:*:*:*:*:*
hpemsa_2042_firmware*cpe:2.3:o:hpe:msa_2042_firmware:*:*:*:*:*:*:*:*
hpemsa_1050-cpe:2.3:h:hpe:msa_1050:-:*:*:*:*:*:*:*
hpemsa_1050_firmware*cpe:2.3:o:hpe:msa_1050_firmware:*:*:*:*:*:*:*:*
hpemsa_2050-cpe:2.3:h:hpe:msa_2050:-:*:*:*:*:*:*:*
hpemsa_2050_firmware*cpe:2.3:o:hpe:msa_2050_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hpe	msa_1040	-	cpe:2.3:h:hpe:msa_1040:-:::::::*
hpe	msa_1040_firmware	*	cpe:2.3:o:hpe:msa_1040_firmware::::::::
hpe	msa_2040	-	cpe:2.3:h:hpe:msa_2040:-:::::::*
hpe	msa_2040_firmware	*	cpe:2.3:o:hpe:msa_2040_firmware::::::::
hpe	msa_2042	-	cpe:2.3:h:hpe:msa_2042:-:::::::*
hpe	msa_2042_firmware	*	cpe:2.3:o:hpe:msa_2042_firmware::::::::
hpe	msa_1050	-	cpe:2.3:h:hpe:msa_1050:-:::::::*
hpe	msa_1050_firmware	*	cpe:2.3:o:hpe:msa_1050_firmware::::::::
hpe	msa_2050	-	cpe:2.3:h:hpe:msa_2050:-:::::::*
hpe	msa_2050_firmware	*	cpe:2.3:o:hpe:msa_2050_firmware::::::::

Rows per page:

1-10 of 121

References

support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03940en_us

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

CVSS3

6.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

42.8%

JSON

Related for NVD:CVE-2019-12001

cvelist1 cve1 prion1 nessus1