exploitDog

CVE-2021-26579

Опубликовано: 30 мар. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of privileged information (CWE-321: Use of Hard-coded Cryptographic Key in a product). HPE has provided updates to versions 1.2009.0 and 1.2101.0 of HPE Unified Data Management (UDM). Version 1.2103.0 of HPE Unified Data Management (UDM) removes all hard-coded cryptographic keys.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hpe:unified_data_management:1.2009.0:*:*:*:*:*:*:*

cpe:2.3:a:hpe:unified_data_management:1.2101.0:*:*:*:*:*:*:*

EPSS

Процентиль: 14%

0.00046

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-798

Связанные уязвимости

GHSA-gx25-hxv6-h79m

CVSS3: 5.5

github

больше 3 лет назад

A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of privileged information (CWE-321: Use of Hard-coded Cryptographic Key in a product). HPE has provided updates to versions 1.2009.0 and 1.2101.0 of HPE Unified Data Management (UDM). Version 1.2103.0 of HPE Unified Data Management (UDM) removes all hard-coded cryptographic keys.

EPSS

Процентиль: 14%

0.00046

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-798