PT-2020-19392 · Hewlett Packard · Hpe Oneview Global Dashboard

Published

2020-03-04

Updated

2020-03-05

CVE-2020-7130

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions HPE OneView Global Dashboard versions 1.9

Description The issue is a remote information disclosure vulnerability. After upgrading or installing HPE OneView Global Dashboard version 1.9, the appliance firewall may leave ports open. This vulnerability is resolved in version 1.91 or later.

Recommendations For HPE OneView Global Dashboard version 1.9, update to version 1.91 or later to resolve the issue. As a temporary workaround, consider restricting access to the open ports to minimize the risk of exploitation.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2020-7130

Affected Products

Hpe Oneview Global Dashboard

PT-2020-19392 · Hewlett Packard · Hpe Oneview Global Dashboard

CVE-2020-7130

Weakness Enumeration

Related Identifiers

Affected Products

References · 4