CVE-2017-8948

Published Feb 15, 2018

Last updated 6 years ago

CVSS critical 9.8

Overview

Description: A Remote Bypass Security Restriction vulnerability in HPE Network Node Manager i (NNMi) Software versions v10.0x, v10.1x, v10.2x was found.
Source: security-alert@hpe.com
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:hp:network_node_manager_i:10.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78F62362-4E86-49AA-A577-822CA8EA81AB"
          },
          {
            "criteria": "cpe:2.3:a:hp:network_node_manager_i:10.01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90F0CEDE-3476-4B75-970E-BB7527D047B0"
          },
          {
            "criteria": "cpe:2.3:a:hp:network_node_manager_i:10.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39F18276-DD9D-487A-9F29-D93C034CABDF"
          },
          {
            "criteria": "cpe:2.3:a:hp:network_node_manager_i:10.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F09779C6-B8CA-4BFC-A07C-9BE21A74C2D9"
          },
          {
            "criteria": "cpe:2.3:a:hp:network_node_manager_i:10.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E49E752F-69D7-4787-88A1-96CE883F6000"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References