CVE-2018-7071

Published: Aug 6, 2018Modified: Nov 21, 2024

4.3

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

HPE has identified a remote access to sensitive information vulnerability in HPE Network Function Virtualization Director (NFVD) 4.2.1 prior to gui patch 3.

Affected (3)

Products: Hp: Network Function Virtualization Director

1 product

Network Function Virtualization Director

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Hp Network Function Virtualization Director	Up to 4.2.1

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Hp Network Function Virtualization Director	Version 4.2.1 p1
Hp Network Function Virtualization Director	Version 4.2.1 p2

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03853en_us

Source: security-alert@hpe.com

Vendor Advisory

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03853en_us

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.