CVE-2024-22439

Published: Apr 15, 2024Modified: Nov 21, 2024

6.9

Vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

Exploitability: 1.7 / Impact: 4.7

Source: security-alert@hpe.com (Secondary)

Description

A potential security vulnerability has been identified in HPE FlexFabric and FlexNetwork series products. This vulnerability could be exploited to gain privileged access to switches resulting in information disclosure.

Related CWEs

CWE-639

Authorization Bypass Through User-Controlled Key

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

References (2)

https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbnw04625en_us

Source: security-alert@hpe.com

https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbnw04625en_us

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.