Vulnerabilities > CVE-2018-7111 - Unspecified vulnerability in HP Universal Internet of Things

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

NVD

Published: 2018-10-17

Updated: 2019-10-03

Summary

A remote unauthorized access vulnerability was identified in HPE UIoT versions 1.5, 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. Specifically, there is a malfunction identified in some section of the DSM portal and some DSM APIs. The impact of the malfunction is that the info can be changed by other users.

Vulnerable Configurations

Part	Description	Count
Application	Hp HP Universal Internet OF Things 1.2.4.2 HP Universal Internet OF Things 1.4.0 HP Universal Internet OF Things 1.4.1 HP Universal Internet OF Things 1.4.2 HP Universal Internet OF Things 1.5	5

References

http://www.securityfocus.com/bid/105704
https://exchange.xforce.ibmcloud.com/vulnerabilities/151691
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03891en_us