CVE-2015-5440

HP UCMDB 10.00 and 10.01 before 10.01CUP12, 10.10 and 10.11 before 10.11CUP6, and 10.2x before 10.21 allows local users to obtain sensitive information via unspecified vectors.

CVSS v2.0 4.9 MEDIUM

4.9^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:N/C:C/I:N/A:N

Exploitability : 3.9 / Impact : 6.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.securitytracker.com/id/1033528
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790231	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:hp:universal_configuration_management_database:10.00:::::::*
	cpe:2.3:a:hp:universal_configuration_management_database:10.01:::::::*
	cpe:2.3:a:hp:universal_configuration_management_database:10.10:::::::*
	cpe:2.3:a:hp:universal_configuration_management_database:10.11:::::::*
	cpe:2.3:a:hp:universal_configuration_management_database:10.21:::::::*

History

No history.

Information

Published : 2015-09-16 14:59

Updated : 2023-12-10 11:46

NVD link : CVE-2015-5440

Mitre link : CVE-2015-5440

CVE.ORG link : CVE-2015-5440

JSON object : View

Products Affected

hp

universal_configuration_management_database

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2015-5440", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-09-16T14:59:01.587", "references": [{"url": "http://www.securitytracker.com/id/1033528", "source": "hp-security-alert@hp.com"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790231", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "HP UCMDB 10.00 and 10.01 before 10.01CUP12, 10.10 and 10.11 before 10.11CUP6, and 10.2x before 10.21 allows local users to obtain sensitive information via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad en HP UCMDB 10.00 y 10.01 en versiones anteriores a 10.01CUP12, 10.10 y 10.11 en versiones anteriores a 10.11CUP6 y 10.2x en versiones anteriores a 10.21, permite a usuarios locales obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados."}], "lastModified": "2016-12-22T03:00:00.727", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:universal_configuration_management_database:10.00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7DF9ADB-8E65-4FBB-9684-9B1911453B57"}, {"criteria": "cpe:2.3:a:hp:universal_configuration_management_database:10.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4DA9505-A0DB-4782-9787-6B9D7655CE1A"}, {"criteria": "cpe:2.3:a:hp:universal_configuration_management_database:10.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FFC58CA4-066A-40E4-A4E8-044E90030DB9"}, {"criteria": "cpe:2.3:a:hp:universal_configuration_management_database:10.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63BBB6F6-DF74-44C7-B0F5-97E18356566C"}, {"criteria": "cpe:2.3:a:hp:universal_configuration_management_database:10.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7598F19-7105-408D-BBD4-6B62B8926C76"}], "operator": "OR"}]}], "sourceIdentifier": "hp-security-alert@hp.com"}