PT-2020-7824 · Hewlett Packard · Hp Sitescope+2
Published
2020-02-04
·
Updated
2021-09-09
·
CVE-2015-2802
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
HP SiteScope versions 11.2 through 11.3
HP Asset Manager versions 9.30 through 9.32
HP Asset Manager versions 9.40 through 9.41
HP Asset Manager version 9.50
Asset Manager Cloudsystem Chargeback version 9.40
Description:
An Information Disclosure issue exists, which could let a remote malicious user obtain sensitive information. This is related to the TLS vulnerability known as the RC4 cipher Bar Mitzvah vulnerability.
Recommendations:
For HP SiteScope versions 11.2 through 11.3, update to a version that addresses the RC4 cipher Bar Mitzvah vulnerability.
For HP Asset Manager versions 9.30 through 9.32, update to a version that addresses the RC4 cipher Bar Mitzvah vulnerability.
For HP Asset Manager versions 9.40 through 9.41, update to a version that addresses the RC4 cipher Bar Mitzvah vulnerability.
For HP Asset Manager version 9.50, update to a version that addresses the RC4 cipher Bar Mitzvah vulnerability.
For Asset Manager Cloudsystem Chargeback version 9.40, update to a version that addresses the RC4 cipher Bar Mitzvah vulnerability.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Asset Manager Cloudsystem Chargeback
Hp Assetmanager
Hp Sitescope