CVE-2015-2139

HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5403.

CVSS v2.0 4.0 MEDIUM

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04762744	Vendor Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04774019	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:hp:systems_insight_manager:*:*:*:*:*:*:*:*

cpe:2.3:a:hp:matrix_operating_environment:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-08-27 02:59

Updated : 2023-12-10 11:46

NVD link : CVE-2015-2139

Mitre link : CVE-2015-2139

CVE.ORG link : CVE-2015-2139

JSON object : View

Products Affected

hp

matrix_operating_environment
systems_insight_manager

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2015-2139", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-08-27T02:59:00.107", "references": [{"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04762744", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04774019", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5403."}, {"lang": "es", "value": "Vulnerabilidad en HP Systems Insight Manager (SIM) en versiones anteriores a 7.5.0, tal como se utiliza en HP Matrix Operating Environment en versiones anteriores a 7.5.0 y otros productos, permite a usuarios remotos autenticados obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5403."}], "lastModified": "2015-08-27T13:25:47.843", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:systems_insight_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BB33421-866C-4D7A-AE82-50DB4EBBEE4C", "versionEndIncluding": "7.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:matrix_operating_environment:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "15F63F88-F511-4462-8625-800C5FF1E788", "versionEndIncluding": "7.4"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "hp-security-alert@hp.com"}