CVE-2018-18593

Опубликовано: 31 дек. 2018

Источник: nvd

CVSS3: 6.5

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged Information

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hp:ucmdb_configuration_manager:10.22:*:*:*:*:*:*:*

cpe:2.3:a:hp:ucmdb_configuration_manager:10.22:cup1:*:*:*:*:*:*

cpe:2.3:a:hp:ucmdb_configuration_manager:10.22:cup2:*:*:*:*:*:*

cpe:2.3:a:hp:ucmdb_configuration_manager:10.22:cup3:*:*:*:*:*:*

cpe:2.3:a:hp:ucmdb_configuration_manager:10.22:cup4:*:*:*:*:*:*

cpe:2.3:a:hp:ucmdb_configuration_manager:10.22:cup5:*:*:*:*:*:*

cpe:2.3:a:hp:ucmdb_configuration_manager:10.22:cup6:*:*:*:*:*:*

cpe:2.3:a:hp:ucmdb_configuration_manager:10.22:cup7:*:*:*:*:*:*

cpe:2.3:a:hp:ucmdb_configuration_manager:10.33:*:*:*:*:*:*:*

cpe:2.3:a:hp:ucmdb_configuration_manager:10.33:cup1:*:*:*:*:*:*

cpe:2.3:a:hp:ucmdb_configuration_manager:10.33:cup2:*:*:*:*:*:*

cpe:2.3:a:hp:ucmdb_configuration_manager:10.33:cup3:*:*:*:*:*:*

cpe:2.3:a:hp:ucmdb_configuration_manager:2018.02:*:*:*:*:*:*:*

cpe:2.3:a:hp:ucmdb_configuration_manager:2018.05:*:*:*:*:*:*:*

cpe:2.3:a:hp:ucmdb_configuration_manager:2018.08:*:*:*:*:*:*:*

cpe:2.3:a:hp:ucmdb_configuration_manager:2018.11:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01526

Низкий

6.5 Medium

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-v7cj-g3gx-p5gf

CVSS3: 7.5

github

больше 3 лет назад

EPSS

Процентиль: 81%

0.01526

Низкий

6.5 Medium

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-22