Overview
- Description
- A Local Disclosure of Sensitive Information vulnerability was identified in HPE NonStop Safeguard earlier than version SPR T9750L01^AIC or T9750H05^AIH, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND; all versions on H-series. STDSEC-STANDARD SECURITY PROD All prior versions before T6533L01^ADU or T6533H05^ADW, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND and all versions on H-series . Note that some commands in NonStop Safeguard and NonStop Standard Security software require username and password to be passed as command line parameters, which may lead to a local disclosure of the credentials.
- Source
- security-alert@hpe.com
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7
- Impact score
- 5.9
- Exploitability score
- 1
- Vector string
- CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 1.9
- Impact score
- 2.9
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:nonstop_safeguard_h_series:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1334495B-CBA5-41A3-A3C6-235BB7388F77"
},
{
"criteria": "cpe:2.3:a:hp:nonstop_safeguard_j_series:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF4F15A0-4ADC-48C5-9C0A-4F5E443B47C4",
"versionEndExcluding": "t9750h05\\^aih"
},
{
"criteria": "cpe:2.3:a:hp:nonstop_safeguard_l_series:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "603491A6-2BB5-4A08-B819-4FF4F8A2693A",
"versionEndExcluding": "t9750l01\\^aic"
},
{
"criteria": "cpe:2.3:a:hp:nonstop_standard_security_h_series:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "774EFC8D-2B4C-49A5-9885-C39009B213E1"
},
{
"criteria": "cpe:2.3:a:hp:nonstop_standard_security_j_series:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08168B55-1A1A-49F3-83E7-D6BAFFF413B3",
"versionEndIncluding": "t6533h05\\^adw"
},
{
"criteria": "cpe:2.3:a:hp:nonstop_standard_security_l_series:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85B60218-AAAB-4A6C-A1DF-0754505EA142",
"versionEndExcluding": "t6533l01\\^adu"
}
],
"operator": "OR"
}
]
}
]