CVE-2019-12001

A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:h:hpe:msa_1040:-:*:*:*:*:*:*:*
cpe:2.3:o:hpe:msa_1040_firmware:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:h:hpe:msa_2040:-:*:*:*:*:*:*:*
cpe:2.3:o:hpe:msa_2040_firmware:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:h:hpe:msa_2042:-:*:*:*:*:*:*:*
cpe:2.3:o:hpe:msa_2042_firmware:*:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:h:hpe:msa_1050:-:*:*:*:*:*:*:*
cpe:2.3:o:hpe:msa_1050_firmware:*:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:h:hpe:msa_2050:-:*:*:*:*:*:*:*
cpe:2.3:o:hpe:msa_2050_firmware:*:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:h:hpe:msa_2052:-:*:*:*:*:*:*:*
cpe:2.3:o:hpe:msa_2052_firmware:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-04-17 14:15

Updated : 2020-04-28 15:06


NVD link : CVE-2019-12001

Mitre link : CVE-2019-12001

CVE.ORG link : CVE-2019-12001


JSON object : View

Products Affected

hpe

  • msa_2042
  • msa_1050_firmware
  • msa_2050
  • msa_1040
  • msa_2052
  • msa_2042_firmware
  • msa_2050_firmware
  • msa_2040
  • msa_2040_firmware
  • msa_1050
  • msa_2052_firmware
  • msa_1040_firmware
CWE
CWE-613

Insufficient Session Expiration