CVE-2015-5448
low
CVSS v3
—
CVSS v2
2.1
VIR risk
2.1
Description
HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 before 9.50.11925 P3 allows local users to obtain sensitive information via unspecified vectors.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: hp-security-alert@hp.com — https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04863562
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| numara | asset_manager | 9.40 | |
| numara | asset_manager | 9.41 | |
References
- http://www.securityfocus.com/bid/77303
- http://www.securitytracker.com/id/1033957
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04863562
- http://www.securityfocus.com/bid/77303
- http://www.securitytracker.com/id/1033957
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04863562
CWEs
CWE-200
Verify integrity in audit chain (admin only). AS-IS.