Search criteria
24 vulnerabilities found for 3par_service_processor_firmware by hp
FKIE_CVE-2024-22442
Vulnerability from fkie_nvd - Published: 2024-07-16 16:15 - Updated: 2024-11-21 08:56
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The vulnerability could be remotely exploited to bypass authentication.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | 3par_service_processor_firmware | * | |
| hp | 3par_service_processor | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:3par_service_processor_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8294955E-CB75-4F2B-89B9-EFE1BDACA913",
"versionEndExcluding": "5.1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:3par_service_processor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D241CDD7-CAA1-460D-814D-9302B76054F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vulnerability could be remotely exploited to bypass authentication."
},
{
"lang": "es",
"value": "La vulnerabilidad podr\u00eda explotarse de forma remota para evitar la autenticaci\u00f3n."
}
],
"id": "CVE-2024-22442",
"lastModified": "2024-11-21T08:56:17.950",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "security-alert@hpe.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-07-16T16:15:04.017",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbst04663en_us\u0026docLocale=en_US"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbst04663en_us\u0026docLocale=en_US"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2019-5400
Vulnerability from fkie_nvd - Published: 2019-08-09 18:15 - Updated: 2024-11-21 04:44
Severity ?
Summary
A remote session reuse vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | 3par_service_processor_firmware | * | |
| hp | 3par_service_processor | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:3par_service_processor_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B863CD1-E9C8-40F5-B57A-394672200D53",
"versionEndExcluding": "5.0.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:3par_service_processor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9EB35E-D915-4C4E-81F5-8DAC3FD2336C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote session reuse vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de reutilizaci\u00f3n de sesi\u00f3n remota en HPE 3PAR Service Processor versi\u00f3n(es): anteriores a 5.0.5.1."
}
],
"id": "CVE-2019-5400",
"lastModified": "2024-11-21T04:44:52.273",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-09T18:15:12.213",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-384"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-5398
Vulnerability from fkie_nvd - Published: 2019-08-09 18:15 - Updated: 2024-11-21 04:44
Severity ?
Summary
A remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | 3par_service_processor_firmware | * | |
| hp | 3par_service_processor | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:3par_service_processor_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B863CD1-E9C8-40F5-B57A-394672200D53",
"versionEndExcluding": "5.0.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:3par_service_processor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9EB35E-D915-4C4E-81F5-8DAC3FD2336C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de tipo cross-site m\u00faltiple remota en HPE 3PAR Service Processor versi\u00f3n(es): anteriores a 5.0.5.1."
}
],
"id": "CVE-2019-5398",
"lastModified": "2024-11-21T04:44:52.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-09T18:15:11.510",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-5399
Vulnerability from fkie_nvd - Published: 2019-08-09 18:15 - Updated: 2024-11-21 04:44
Severity ?
Summary
A remote gain authorized access vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | 3par_service_processor_firmware | * | |
| hp | 3par_service_processor | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:3par_service_processor_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B863CD1-E9C8-40F5-B57A-394672200D53",
"versionEndExcluding": "5.0.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:3par_service_processor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9EB35E-D915-4C4E-81F5-8DAC3FD2336C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote gain authorized access vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de obtenci\u00f3n de acceso autorizado remota en HPE 3PAR Service Processor versi\u00f3n(es): anteriores a 5.0.5.1."
}
],
"id": "CVE-2019-5399",
"lastModified": "2024-11-21T04:44:52.160",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 9.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-09T18:15:11.867",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-5397
Vulnerability from fkie_nvd - Published: 2019-08-09 18:15 - Updated: 2024-11-21 04:44
Severity ?
Summary
A remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | 3par_service_processor_firmware | * | |
| hp | 3par_service_processor | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:3par_service_processor_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B863CD1-E9C8-40F5-B57A-394672200D53",
"versionEndExcluding": "5.0.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:3par_service_processor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9EB35E-D915-4C4E-81F5-8DAC3FD2336C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de omisi\u00f3n de las restricciones de seguridad remota en HPE 3PAR Service Processor versi\u00f3n(es): anteriores a 5.0.5.1."
}
],
"id": "CVE-2019-5397",
"lastModified": "2024-11-21T04:44:51.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 9.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-09T18:15:11.417",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-5396
Vulnerability from fkie_nvd - Published: 2019-08-09 17:15 - Updated: 2024-11-21 04:44
Severity ?
Summary
A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | 3par_service_processor_firmware | * | |
| hp | 3par_service_processor | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:3par_service_processor_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B863CD1-E9C8-40F5-B57A-394672200D53",
"versionEndExcluding": "5.0.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:3par_service_processor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9EB35E-D915-4C4E-81F5-8DAC3FD2336C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n remota en HPE 3PAR Service Processor versi\u00f3n(es): anteriores a 5.0.5.1."
}
],
"id": "CVE-2019-5396",
"lastModified": "2024-11-21T04:44:51.840",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 9.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-09T17:15:11.470",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-5395
Vulnerability from fkie_nvd - Published: 2019-08-09 17:15 - Updated: 2024-11-21 04:44
Severity ?
Summary
A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | 3par_service_processor_firmware | * | |
| hp | 3par_service_processor | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:3par_service_processor_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B863CD1-E9C8-40F5-B57A-394672200D53",
"versionEndExcluding": "5.0.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:3par_service_processor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9EB35E-D915-4C4E-81F5-8DAC3FD2336C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de carga de archivos arbitraria remota en HPE 3PAR Service Processor versi\u00f3n(es): anteriores a 5.0.5.1."
}
],
"id": "CVE-2019-5395",
"lastModified": "2024-11-21T04:44:51.733",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-09T17:15:11.423",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-11991
Vulnerability from fkie_nvd - Published: 2019-07-09 19:15 - Updated: 2024-11-21 04:22
Severity ?
Summary
HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4. HPE 3PAR Service Processor (SP) version 4.1 through 4.4 has a remote information disclosure vulnerability which can allow for the disruption of the confidentiality, integrity and availability of the Service Processor and any managed 3PAR arrays.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | 3par_service_processor_firmware | * | |
| hp | 3par_service_processor | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:3par_service_processor_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0AEAFC-B517-498E-A850-B4FD3CBB5EA8",
"versionEndIncluding": "4.4",
"versionStartIncluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:3par_service_processor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9EB35E-D915-4C4E-81F5-8DAC3FD2336C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4. HPE 3PAR Service Processor (SP) version 4.1 through 4.4 has a remote information disclosure vulnerability which can allow for the disruption of the confidentiality, integrity and availability of the Service Processor and any managed 3PAR arrays."
},
{
"lang": "es",
"value": "HPE ha identificado una vulnerabilidad en HPE 3PAR Service Processor (SP) versi\u00f3n 4.1 hasta 4.4. HPE 3PAR Service Processor (SP) versi\u00f3n 4.1 hasta 4.4 presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n remota que puede permitir la ruptura de la confidencialidad, integridad y disponibilidad del procesador de servicios y cualquier matriz 3PAR administrada."
}
],
"id": "CVE-2019-11991",
"lastModified": "2024-11-21T04:22:07.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 9.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-09T19:15:12.013",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03918en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03918en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2024-22442 (GCVE-0-2024-22442)
Vulnerability from cvelistv5 – Published: 2024-07-16 15:45 – Updated: 2024-08-01 22:43
VLAI?
Summary
The vulnerability could be remotely exploited to bypass authentication.
Severity ?
9.8 (Critical)
CWE
- CWE-287 - Improper Authentication
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE 3PAR Service Processor |
Affected:
5.1.1 and earlier
(custom)
|
Credits
Hewlett Packard Enterprise acknowledges Milad Fadavvi for reporting this issue to security-alert@hpe.com.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:hp:3par_service_processor_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "3par_service_processor_firmware",
"vendor": "hp",
"versions": [
{
"lessThan": "5.1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22442",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T17:49:29.321484Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T18:11:59.880Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbst04663en_us\u0026docLocale=en_US"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HPE 3PAR Service Processor",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "5.1.1 and earlier",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Hewlett Packard Enterprise acknowledges Milad Fadavvi for reporting this issue to security-alert@hpe.com."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerability could be remotely exploited to bypass authentication."
}
],
"value": "The vulnerability could be remotely exploited to bypass authentication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T15:45:51.809Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbst04663en_us\u0026docLocale=en_US"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2024-22442",
"datePublished": "2024-07-16T15:45:51.809Z",
"dateReserved": "2024-01-10T15:24:39.967Z",
"dateUpdated": "2024-08-01T22:43:34.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5400 (GCVE-0-2019-5400)
Vulnerability from cvelistv5 – Published: 2019-08-09 17:05 – Updated: 2024-08-04 19:54
VLAI?
Summary
A remote session reuse vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
Severity ?
No CVSS data available.
CWE
- remote session reuse
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE 3PAR Service Processor |
Affected:
prior to 5.0.5.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.400Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE 3PAR Service Processor",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "prior to 5.0.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote session reuse vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote session reuse",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-09T17:05:56",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2019-5400",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE 3PAR Service Processor",
"version": {
"version_data": [
{
"version_value": "prior to 5.0.5.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise (HPE)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote session reuse vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote session reuse"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2019-5400",
"datePublished": "2019-08-09T17:05:56",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5399 (GCVE-0-2019-5399)
Vulnerability from cvelistv5 – Published: 2019-08-09 17:04 – Updated: 2024-08-04 19:54
VLAI?
Summary
A remote gain authorized access vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
Severity ?
No CVSS data available.
CWE
- remote gain authorized access
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE 3PAR Service Processor |
Affected:
prior to 5.0.5.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE 3PAR Service Processor",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "prior to 5.0.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote gain authorized access vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote gain authorized access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-09T17:04:54",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2019-5399",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE 3PAR Service Processor",
"version": {
"version_data": [
{
"version_value": "prior to 5.0.5.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise (HPE)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote gain authorized access vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote gain authorized access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2019-5399",
"datePublished": "2019-08-09T17:04:54",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5398 (GCVE-0-2019-5398)
Vulnerability from cvelistv5 – Published: 2019-08-09 17:03 – Updated: 2024-08-04 19:54
VLAI?
Summary
A remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
Severity ?
No CVSS data available.
CWE
- remote multiple multiple cross-site
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE 3PAR Service Processor |
Affected:
prior to 5.0.5.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE 3PAR Service Processor",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "prior to 5.0.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote multiple multiple cross-site",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-09T17:03:35",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2019-5398",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE 3PAR Service Processor",
"version": {
"version_data": [
{
"version_value": "prior to 5.0.5.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise (HPE)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote multiple multiple cross-site"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2019-5398",
"datePublished": "2019-08-09T17:03:35",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5397 (GCVE-0-2019-5397)
Vulnerability from cvelistv5 – Published: 2019-08-09 17:01 – Updated: 2024-08-04 19:54
VLAI?
Summary
A remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
Severity ?
No CVSS data available.
CWE
- remote bypass of security restrictions
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE 3PAR Service Processor |
Affected:
prior to 5.0.5.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE 3PAR Service Processor",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "prior to 5.0.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote bypass of security restrictions",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-09T17:01:49",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2019-5397",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE 3PAR Service Processor",
"version": {
"version_data": [
{
"version_value": "prior to 5.0.5.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise (HPE)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote bypass of security restrictions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2019-5397",
"datePublished": "2019-08-09T17:01:49",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5396 (GCVE-0-2019-5396)
Vulnerability from cvelistv5 – Published: 2019-08-09 17:00 – Updated: 2024-08-04 19:54
VLAI?
Summary
A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
Severity ?
No CVSS data available.
CWE
- remote authentication bypass
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE 3PAR Service Processor |
Affected:
prior to 5.0.5.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE 3PAR Service Processor",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "prior to 5.0.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote authentication bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-09T17:00:34",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2019-5396",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE 3PAR Service Processor",
"version": {
"version_data": [
{
"version_value": "prior to 5.0.5.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise (HPE)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote authentication bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2019-5396",
"datePublished": "2019-08-09T17:00:34",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5395 (GCVE-0-2019-5395)
Vulnerability from cvelistv5 – Published: 2019-08-09 16:57 – Updated: 2024-08-04 19:54
VLAI?
Summary
A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
Severity ?
No CVSS data available.
CWE
- remote arbitrary file upload
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE 3PAR Service Processor |
Affected:
prior to 5.0.5.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE 3PAR Service Processor",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "prior to 5.0.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote arbitrary file upload",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-09T16:57:09",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2019-5395",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE 3PAR Service Processor",
"version": {
"version_data": [
{
"version_value": "prior to 5.0.5.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise (HPE)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote arbitrary file upload"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2019-5395",
"datePublished": "2019-08-09T16:57:09",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11991 (GCVE-0-2019-11991)
Vulnerability from cvelistv5 – Published: 2019-07-09 18:32 – Updated: 2024-08-04 23:10
VLAI?
Summary
HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4. HPE 3PAR Service Processor (SP) version 4.1 through 4.4 has a remote information disclosure vulnerability which can allow for the disruption of the confidentiality, integrity and availability of the Service Processor and any managed 3PAR arrays.
Severity ?
No CVSS data available.
CWE
- remote disclosure of privileged information
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise | HPE 3PAR Service Processors |
Affected:
version 4.1 through 4.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:10:30.170Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03918en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE 3PAR Service Processors",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "version 4.1 through 4.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4. HPE 3PAR Service Processor (SP) version 4.1 through 4.4 has a remote information disclosure vulnerability which can allow for the disruption of the confidentiality, integrity and availability of the Service Processor and any managed 3PAR arrays."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote disclosure of privileged information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-09T18:32:04",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03918en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2019-11991",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE 3PAR Service Processors",
"version": {
"version_data": [
{
"version_value": "version 4.1 through 4.4"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4. HPE 3PAR Service Processor (SP) version 4.1 through 4.4 has a remote information disclosure vulnerability which can allow for the disruption of the confidentiality, integrity and availability of the Service Processor and any managed 3PAR arrays."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote disclosure of privileged information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03918en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03918en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2019-11991",
"datePublished": "2019-07-09T18:32:04",
"dateReserved": "2019-05-13T00:00:00",
"dateUpdated": "2024-08-04T23:10:30.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22442 (GCVE-0-2024-22442)
Vulnerability from nvd – Published: 2024-07-16 15:45 – Updated: 2024-08-01 22:43
VLAI?
Summary
The vulnerability could be remotely exploited to bypass authentication.
Severity ?
9.8 (Critical)
CWE
- CWE-287 - Improper Authentication
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE 3PAR Service Processor |
Affected:
5.1.1 and earlier
(custom)
|
Credits
Hewlett Packard Enterprise acknowledges Milad Fadavvi for reporting this issue to security-alert@hpe.com.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:hp:3par_service_processor_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "3par_service_processor_firmware",
"vendor": "hp",
"versions": [
{
"lessThan": "5.1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22442",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T17:49:29.321484Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T18:11:59.880Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbst04663en_us\u0026docLocale=en_US"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HPE 3PAR Service Processor",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "5.1.1 and earlier",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Hewlett Packard Enterprise acknowledges Milad Fadavvi for reporting this issue to security-alert@hpe.com."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerability could be remotely exploited to bypass authentication."
}
],
"value": "The vulnerability could be remotely exploited to bypass authentication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T15:45:51.809Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbst04663en_us\u0026docLocale=en_US"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2024-22442",
"datePublished": "2024-07-16T15:45:51.809Z",
"dateReserved": "2024-01-10T15:24:39.967Z",
"dateUpdated": "2024-08-01T22:43:34.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5400 (GCVE-0-2019-5400)
Vulnerability from nvd – Published: 2019-08-09 17:05 – Updated: 2024-08-04 19:54
VLAI?
Summary
A remote session reuse vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
Severity ?
No CVSS data available.
CWE
- remote session reuse
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE 3PAR Service Processor |
Affected:
prior to 5.0.5.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.400Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE 3PAR Service Processor",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "prior to 5.0.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote session reuse vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote session reuse",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-09T17:05:56",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2019-5400",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE 3PAR Service Processor",
"version": {
"version_data": [
{
"version_value": "prior to 5.0.5.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise (HPE)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote session reuse vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote session reuse"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2019-5400",
"datePublished": "2019-08-09T17:05:56",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5399 (GCVE-0-2019-5399)
Vulnerability from nvd – Published: 2019-08-09 17:04 – Updated: 2024-08-04 19:54
VLAI?
Summary
A remote gain authorized access vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
Severity ?
No CVSS data available.
CWE
- remote gain authorized access
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE 3PAR Service Processor |
Affected:
prior to 5.0.5.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE 3PAR Service Processor",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "prior to 5.0.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote gain authorized access vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote gain authorized access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-09T17:04:54",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2019-5399",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE 3PAR Service Processor",
"version": {
"version_data": [
{
"version_value": "prior to 5.0.5.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise (HPE)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote gain authorized access vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote gain authorized access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2019-5399",
"datePublished": "2019-08-09T17:04:54",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5398 (GCVE-0-2019-5398)
Vulnerability from nvd – Published: 2019-08-09 17:03 – Updated: 2024-08-04 19:54
VLAI?
Summary
A remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
Severity ?
No CVSS data available.
CWE
- remote multiple multiple cross-site
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE 3PAR Service Processor |
Affected:
prior to 5.0.5.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE 3PAR Service Processor",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "prior to 5.0.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote multiple multiple cross-site",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-09T17:03:35",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2019-5398",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE 3PAR Service Processor",
"version": {
"version_data": [
{
"version_value": "prior to 5.0.5.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise (HPE)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote multiple multiple cross-site"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2019-5398",
"datePublished": "2019-08-09T17:03:35",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5397 (GCVE-0-2019-5397)
Vulnerability from nvd – Published: 2019-08-09 17:01 – Updated: 2024-08-04 19:54
VLAI?
Summary
A remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
Severity ?
No CVSS data available.
CWE
- remote bypass of security restrictions
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE 3PAR Service Processor |
Affected:
prior to 5.0.5.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE 3PAR Service Processor",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "prior to 5.0.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote bypass of security restrictions",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-09T17:01:49",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2019-5397",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE 3PAR Service Processor",
"version": {
"version_data": [
{
"version_value": "prior to 5.0.5.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise (HPE)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote bypass of security restrictions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2019-5397",
"datePublished": "2019-08-09T17:01:49",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5396 (GCVE-0-2019-5396)
Vulnerability from nvd – Published: 2019-08-09 17:00 – Updated: 2024-08-04 19:54
VLAI?
Summary
A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
Severity ?
No CVSS data available.
CWE
- remote authentication bypass
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE 3PAR Service Processor |
Affected:
prior to 5.0.5.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE 3PAR Service Processor",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "prior to 5.0.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote authentication bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-09T17:00:34",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2019-5396",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE 3PAR Service Processor",
"version": {
"version_data": [
{
"version_value": "prior to 5.0.5.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise (HPE)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote authentication bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2019-5396",
"datePublished": "2019-08-09T17:00:34",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5395 (GCVE-0-2019-5395)
Vulnerability from nvd – Published: 2019-08-09 16:57 – Updated: 2024-08-04 19:54
VLAI?
Summary
A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
Severity ?
No CVSS data available.
CWE
- remote arbitrary file upload
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE 3PAR Service Processor |
Affected:
prior to 5.0.5.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE 3PAR Service Processor",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "prior to 5.0.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote arbitrary file upload",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-09T16:57:09",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2019-5395",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE 3PAR Service Processor",
"version": {
"version_data": [
{
"version_value": "prior to 5.0.5.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise (HPE)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote arbitrary file upload"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03942en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2019-5395",
"datePublished": "2019-08-09T16:57:09",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11991 (GCVE-0-2019-11991)
Vulnerability from nvd – Published: 2019-07-09 18:32 – Updated: 2024-08-04 23:10
VLAI?
Summary
HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4. HPE 3PAR Service Processor (SP) version 4.1 through 4.4 has a remote information disclosure vulnerability which can allow for the disruption of the confidentiality, integrity and availability of the Service Processor and any managed 3PAR arrays.
Severity ?
No CVSS data available.
CWE
- remote disclosure of privileged information
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise | HPE 3PAR Service Processors |
Affected:
version 4.1 through 4.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:10:30.170Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03918en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE 3PAR Service Processors",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "version 4.1 through 4.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4. HPE 3PAR Service Processor (SP) version 4.1 through 4.4 has a remote information disclosure vulnerability which can allow for the disruption of the confidentiality, integrity and availability of the Service Processor and any managed 3PAR arrays."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote disclosure of privileged information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-09T18:32:04",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03918en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2019-11991",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE 3PAR Service Processors",
"version": {
"version_data": [
{
"version_value": "version 4.1 through 4.4"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4. HPE 3PAR Service Processor (SP) version 4.1 through 4.4 has a remote information disclosure vulnerability which can allow for the disruption of the confidentiality, integrity and availability of the Service Processor and any managed 3PAR arrays."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote disclosure of privileged information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03918en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03918en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2019-11991",
"datePublished": "2019-07-09T18:32:04",
"dateReserved": "2019-05-13T00:00:00",
"dateUpdated": "2024-08-04T23:10:30.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}