Security bypass in HP Network Automation - CVE-2017-5813
Published: May 10, 2017
Vulnerability identifier: #VU6506
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-5813
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Hewlett Packard Enterprise Development LP
Affected software:
HP Network Automation
HP Network Automation
Detailed vulnerability description
The vulnerability allows a remote authenticated attacker to bypass security restrictions to the targeted system.
The weakness exists due to an unspecified condition that exists within the affected software. A remote attacker can bypass certain restrictions, view sensitive information or conduct further attacks.
Successful exploitation of the vulnerability results unauthorized access to the vulnerable system.
The weakness exists due to an unspecified condition that exists within the affected software. A remote attacker can bypass certain restrictions, view sensitive information or conduct further attacks.
Successful exploitation of the vulnerability results unauthorized access to the vulnerable system.
How to mitigate CVE-2017-5813
Update to version 10.00.022, 10.11.03 or 10.21.01.