Main Vulnerability Database Exploits ID:3835 - Exploit for Information disclosure in Universal Configuration Management Database - CVE-2014-7883

ID:3835 - Exploit for Information disclosure in Universal Configuration Management Database - CVE-2014-7883

Published: August 9, 2020

Vulnerability identifier: #VU40892

Vulnerability risk: Medium

CVE-ID: CVE-2014-7883

CWE-ID: CWE-200

Exploitation vector: Remote access

Vulnerable software:
Universal Configuration Management Database

Link to public exploit:

https://www.exploit-db.com/exploits/35982/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response.

Remediation

Install update from vendor's website.

ID:3835 - Exploit for Information disclosure in Universal Configuration Management Database - CVE-2014-7883

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human