Vulnerability Description
A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hpe | Msa 1040 Firmware | <= gl225p001 |
| Hpe | Msa 1040 | - |
| Hpe | Msa 2040 Firmware | <= gl225p001 |
| Hpe | Msa 2040 | - |
| Hpe | Msa 2042 Firmware | <= gl225p001 |
| Hpe | Msa 2042 | - |
| Hpe | Msa 1050 Firmware | <= ve270r001-01 |
| Hpe | Msa 1050 | - |
| Hpe | Msa 2050 Firmware | <= vl270r001-01 |
| Hpe | Msa 2050 | - |
| Hpe | Msa 2052 Firmware | <= vl270r001-01 |
| Hpe | Msa 2052 | - |
References
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpeVendor Advisory
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpeVendor Advisory
FAQ
What is CVE-2019-12002?
CVE-2019-12002 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE ...
How severe is CVE-2019-12002?
CVE-2019-12002 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-12002?
Check the references section above for vendor advisories and patch information. Affected products include: Hpe Msa 1040 Firmware, Hpe Msa 1040, Hpe Msa 2040 Firmware, Hpe Msa 2040, Hpe Msa 2042 Firmware.