← Back

CVE-2018-7119

nvd nist
Published: May 10, 2019Modified: Nov 21, 2024

JSON object

Loading...
7.0
Vector
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.0 / Impact: 5.9
Source: NVD

Description

A Local Disclosure of Sensitive Information vulnerability was identified in HPE NonStop Safeguard earlier than version SPR T9750L01^AIC or T9750H05^AIH, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND; all versions on H-series. STDSEC-STANDARD SECURITY PROD All prior versions before T6533L01^ADU or T6533H05^ADW, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND and all versions on H-series . Note that some commands in NonStop Safeguard and NonStop Standard Security software require username and password to be passed as command line parameters, which may lead to a local disclosure of the credentials.

Affected (6)

Hp
6 products
Nonstop Safeguard H Series
Nonstop Safeguard J Series
Nonstop Safeguard L Series
Nonstop Standard Security H Series
Nonstop Standard Security J Series
Nonstop Standard Security L Series
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Nonstop Safeguard H Series
All versions
Nonstop Safeguard J Series
Before t9750h05\^aih
Nonstop Safeguard L Series
Before t9750l01\^aic
Nonstop Standard Security H Series
All versions
Nonstop Standard Security J Series
Up to t6533h05\^adw
Nonstop Standard Security L Series
Before t6533l01\^adu

References (2)

Source: security-alert@hpe.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.