Authentication flaw

2018-09-2718:29:00

PRIOn knowledge base

www.prio-n.com

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.2%

JSON

HPE StorageWorks XP7 Automation Director (AutoDir) version 8.5.2-02 to earlier than 8.6.1-00 has a local and remote authentication bypass vulnerability that exposed the user authentication information of the storage system. This problem sometimes occurred under specific conditions when running a service template.

CPENameOperatorVersion
storageworks_xp7_automation_directoreq>= 8.5.22 AND < 8.6.10

CPE	Name	Operator	Version
	storageworks_xp7_automation_director	eq	>= 8.5.22 AND < 8.6.10

References

www.securitytracker.com/id/1041696

support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03879en_us