CVE-2015-5432

HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote attackers to obtain sensitive information or modify data via unspecified vectors.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04774019	Vendor Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04774021	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:hp:virtual_connect_enterprise_manager_sdk:*:*:*:*:*:*:*:*

cpe:2.3:a:hp:matrix_operating_environment:7.4:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-08-27 02:59

Updated : 2015-08-27 13:46

NVD link : CVE-2015-5432

Mitre link : CVE-2015-5432

CVE.ORG link : CVE-2015-5432

JSON object : View

Products Affected

hp

virtual_connect_enterprise_manager_sdk
matrix_operating_environment

CWE

NVD-CWE-noinfo

{"id": "CVE-2015-5432", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-08-27T02:59:12.967", "references": [{"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04774019", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04774021", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote attackers to obtain sensitive information or modify data via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad en HP Virtual Connect Enterprise Manager (VCEM) SDK en versiones anteriores a 7.5.0, tal como se utiliza en HP Matrix Operating Environment en versiones anteriores a 7.5.0 y otros productos, permite a atacantes remotos obtener informaci\u00f3n sensible o modificar datos a trav\u00e9s de vectores no especificados."}], "lastModified": "2015-08-27T13:46:34.047", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:virtual_connect_enterprise_manager_sdk:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "776AF1F6-5D7C-4B64-8F75-D35901168D7A", "versionEndIncluding": "7.4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:matrix_operating_environment:7.4:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5FC41822-E316-4E96-B362-7B60FC686A94"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "hp-security-alert@hp.com"}