Main Vulnerability Database Vulnerabilities #VU41784

Input validation error in Universal Configuration Management Database - CVE-2013-6214

Published: April 19, 2014 / Updated: August 10, 2020

Vulnerability identifier: #VU41784

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2013-6214

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: HPE

Affected software:
Universal Configuration Management Database

Detailed vulnerability description

The vulnerability allows a remote #AU# to gain access to sensitive information.

Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 9.05, 10.01, and 10.10 allows remote authenticated users to obtain sensitive information via unknown vectors, aka ZDI-CAN-2042.

How to mitigate CVE-2013-6214

Install update from vendor's website.

Sources

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04220407

Input validation error in Universal Configuration Management Database - CVE-2013-6214

Detailed vulnerability description

How to mitigate CVE-2013-6214

Sources

Please verify you're human