CVE-2018-7111 — MEDIUM (5.3)

Vulnerability Description

A remote unauthorized access vulnerability was identified in HPE UIoT versions 1.5, 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. Specifically, there is a malfunction identified in some section of the DSM portal and some DSM APIs. The impact of the malfunction is that the info can be changed by other users.

CVSS Score

5.3

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Hp	Universal Internet Of Things	1.2.4.2

References

http://www.securityfocus.com/bid/105704Third Party AdvisoryVDB Entry
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpeVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/151691Third Party Advisory
http://www.securityfocus.com/bid/105704Third Party AdvisoryVDB Entry
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpeVendor Advisory

FAQ

What is CVE-2018-7111?

CVE-2018-7111 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A remote unauthorized access vulnerability was identified in HPE UIoT versions 1.5, 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. Specifically, there is a malfunction identified in some section of the DSM portal and ...

How severe is CVE-2018-7111?

CVE-2018-7111 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-7111?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Universal Internet Of Things.