CVE-2014-7883

Опубликовано: 15 фев. 2015

Источник: nvd

CVSS2: 5

EPSS Средний

Описание

HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response.

Ссылки

http://www.kb.cert.org/vuls/id/867593
Third Party Advisory
US Government Resource
http://www.securitytracker.com/id/1031688
Third Party Advisory
VDB Entry
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04553906
Not Applicable
http://www.kb.cert.org/vuls/id/867593
Third Party Advisory
US Government Resource
http://www.securitytracker.com/id/1031688
Third Party Advisory
VDB Entry
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04553906
Not Applicable

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hp:universal_configuration_management_database:9.05:*:*:*:*:*:*:*

cpe:2.3:a:hp:universal_configuration_management_database:10.01:*:*:*:*:*:*:*

cpe:2.3:a:hp:universal_configuration_management_database:10.11:*:*:*:*:*:*:*

EPSS

Процентиль: 98%

0.57742

Средний

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-38hj-p2p8-hhm2

github

больше 3 лет назад