PT-2021-17056 · Hewlett Packard · Hpe Unified Data Management

Published

2021-03-30

Updated

2022-05-03

CVE-2021-26579

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions HPE Unified Data Management (UDM) versions prior to 1.2103.0

Description A security issue in HPE Unified Data Management (UDM) could allow the local disclosure of privileged information due to the use of hard-coded cryptographic keys.

Recommendations For versions 1.2009.0 and 1.2101.0 of HPE Unified Data Management (UDM), update to version 1.2103.0 to remove all hard-coded cryptographic keys. For versions prior to 1.2009.0, update to version 1.2103.0 to remove all hard-coded cryptographic keys.

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-798

Related Identifiers

CVE-2021-26579

Affected Products

Hpe Unified Data Management

PT-2021-17056 · Hewlett Packard · Hpe Unified Data Management

CVE-2021-26579

Weakness Enumeration

Related Identifiers

Affected Products

References · 4