SB2014070706 - Improper Authentication in HP SiteScope
Published: July 7, 2014 Updated: August 10, 2020
Security Bulletin ID
SB2014070706
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper Authentication (CVE-ID: CVE-2014-2614)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Unspecified vulnerability in HP SiteScope 11.1x through 11.13 and 11.2x through 11.24 allows remote attackers to bypass authentication via unknown vectors, aka ZDI-CAN-2140.
Remediation
Install update from vendor's website.