Design/Logic Flaw

2018-10-1713:29:00

PRIOn knowledge base

www.prio-n.com

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.7%

JSON

A remote unauthorized access vulnerability was identified in HPE UIoT versions 1.5, 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. Specifically, there is a malfunction identified in some section of the DSM portal and some DSM APIs. The impact of the malfunction is that the info can be changed by other users.

CPENameOperatorVersion
universal_internet_of_thingseq1.2.4.2
universal_internet_of_thingseq1.4.0
universal_internet_of_thingseq1.4.1
universal_internet_of_thingseq1.4.2
universal_internet_of_thingseq1.5

Name	Operator	Version
universal_internet_of_things	eq	1.2.4.2
universal_internet_of_things	eq	1.4.0
universal_internet_of_things	eq	1.4.1
universal_internet_of_things	eq	1.4.2
universal_internet_of_things	eq	1.5