PT-2020-9233 · Hewlett Packard · Hpe Opencall Media Platform

Published

2020-04-16

Updated

2020-05-01

CVE-2019-11999

CVSS v3.1

6.9

Medium

Vector

AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions HPE OpenCall Media Platform (OCMP) versions 4.4.X through 4.4.7 HPE OpenCall Media Platform (OCMP) version 4.5.x

Description Potential security vulnerabilities have been identified in HPE OpenCall Media Platform (OCMP) resulting in remote arbitrary file download and cross site scripting.

Recommendations For OCMP version 4.4.X, please upgrade to OCMP 4.4.8 and then install RP806. For OCMP 4.5.x, please contact HPE Technical Support to obtain the necessary software updates.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2019-11999

Affected Products

Hpe Opencall Media Platform

PT-2020-9233 · Hewlett Packard · Hpe Opencall Media Platform

CVE-2019-11999

Weakness Enumeration

Related Identifiers

Affected Products

References · 4