CVE-2019-19539

Published: Jan 27, 2020Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

An issue was discovered in Idelji Web ViewPoint H01ABO-H01BY and L01ABP-L01ABZ, Web ViewPoint Plus H01AAG-H01AAQ and L01AAH-L01AAR, and Web ViewPoint Enterprise H01-H01AAE and L01-L01AAF. By reading ADB or AADB file content within the Installation subvolume, a Guardian user can discover the password of the group.user or alias who acknowledges events from the WVP Events screen.

Affected (6)

Products: Hp: Web Viewpoint T0320, Web Viewpoint T0952, Web Viewpoint T0986

3 products

Web Viewpoint T0320

Web Viewpoint T0952

Web Viewpoint T0986

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Hp Web Viewpoint T0320	From t0320h01\^abo to t0320h01\^aby
Hp Web Viewpoint T0320	From t0320l01\^abp to t0320l01\^abz
Hp Web Viewpoint T0952	From t0952h01\^aag to t0952h01\^aaq
Hp Web Viewpoint T0952	From t0952l01\^aah to t0952l01\^aar
Hp Web Viewpoint T0986	From t0320l01\^abp to t0320l01\^abz
Hp Web Viewpoint T0986	From t0986h01 to t0986h01\^aae

Related CWEs

CWE-522

Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References (2)

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03981en_us

Source: cve@mitre.org

Vendor Advisory

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03981en_us

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.