Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2015-2802

Опубликовано: 04 фев. 2020
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information. This is the TLS vulnerability known as the RC4 cipher Bar Mitzvah vulnerability.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hp:asset_manager:9.30:*:*:*:*:*:*:*
cpe:2.3:a:hp:asset_manager:9.31:*:*:*:*:*:*:*
cpe:2.3:a:hp:asset_manager:9.32:*:*:*:*:*:*:*
cpe:2.3:a:hp:asset_manager:9.40:*:*:*:*:*:*:*
cpe:2.3:a:hp:asset_manager:9.41:*:*:*:*:*:*:*
cpe:2.3:a:hp:asset_manager:9.50:*:*:*:*:*:*:*
cpe:2.3:a:hp:asset_manager_cloudsystem_chargeback:9.40:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

Одно из

cpe:2.3:a:hp:sitescope:*:*:*:*:*:*:*:*
Версия от 11.20 (включая) до 11.24 (включая)
cpe:2.3:a:hp:sitescope:11.30:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*

EPSS

Процентиль: 84%
0.02152
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

github логотип

GHSA-3fmj-978w-qxm2

github
больше 3 лет назад

An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information. This is the TLS vulnerability known as the RC4 cipher Bar Mitzvah vulnerability.

EPSS

Процентиль: 84%
0.02152
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200