PT-2020-9234 · Hewlett Packard · Hpe Mse Msg Gw

Published

2020-07-17

Updated

2021-07-21

CVE-2019-12000

CVSS v3.1

6.6

Medium

Vector

AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions HPE MSE Msg Gw application E-LTU versions prior to 3.2

Description A potential Remote Access Restriction Bypass issue has been found in the HPE MSE Msg Gw application E-LTU when HTTPS is used between the USSD and an external USSD service logic application.

Recommendations Update to version 3.2 and update the HTTPS configuration as described in the HPE MSE Messaging Gateway Configuration and Operations Guide.

Fix

Improper Certificate Validation

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-295

Related Identifiers

CVE-2019-12000

Affected Products

Hpe Mse Msg Gw

PT-2020-9234 · Hewlett Packard · Hpe Mse Msg Gw

CVE-2019-12000

Weakness Enumeration

Related Identifiers

Affected Products

References · 4