CVE-2018-18593

EUVD-2018-10313
Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged Information
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
microfocusCNA
6.5 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
Affected Products (NVD)
VendorProductVersion
hpucmdb_configuration_manager
10.22
hpucmdb_configuration_manager
10.22:cup1
hpucmdb_configuration_manager
10.22:cup2
hpucmdb_configuration_manager
10.22:cup3
hpucmdb_configuration_manager
10.22:cup4
hpucmdb_configuration_manager
10.22:cup5
hpucmdb_configuration_manager
10.22:cup6
hpucmdb_configuration_manager
10.22:cup7
hpucmdb_configuration_manager
10.33
hpucmdb_configuration_manager
10.33:cup1
hpucmdb_configuration_manager
10.33:cup2
hpucmdb_configuration_manager
10.33:cup3
hpucmdb_configuration_manager
2018.02
hpucmdb_configuration_manager
2018.05
hpucmdb_configuration_manager
2018.08
hpucmdb_configuration_manager
2018.11
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/106374
https://softwaresupport.softwaregrp.com/doc/KM03309650
http://www.securityfocus.com/bid/106374
https://softwaresupport.softwaregrp.com/doc/KM03309650