Vulnerability Description
HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4. HPE 3PAR Service Processor (SP) version 4.1 through 4.4 has a remote information disclosure vulnerability which can allow for the disruption of the confidentiality, integrity and availability of the Service Processor and any managed 3PAR arrays.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | 3Par Service Processor Firmware | >= 4.1, <= 4.4 |
| Hp | 3Par Service Processor | - |
Related Weaknesses (CWE)
References
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpeVendor Advisory
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpeVendor Advisory
FAQ
What is CVE-2019-11991?
CVE-2019-11991 is a vulnerability with a CVSS score of 9.8 (CRITICAL). HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4. HPE 3PAR Service Processor (SP) version 4.1 through 4.4 has a remote information disclosure vulnerability...
How severe is CVE-2019-11991?
CVE-2019-11991 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-11991?
Check the references section above for vendor advisories and patch information. Affected products include: Hp 3Par Service Processor Firmware, Hp 3Par Service Processor.