Lucene search

[email protected]NVD:CVE-2015-7863

HistoryOct 19, 2015 - 6:59 p.m.

CVE-2015-7863

2015-10-1918:59:10

CWE-254

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.2%

JSON

The default configuration of Persistent Accelerite Radia Client Automation (formerly HP Client Automation) 7.9 through 9.1 before 2015-02-19 enables a remote Notify capability without the Extended Notify Security features, which might allow remote attackers to bypass intended access restrictions via unspecified vectors.

Affected configurations

NVD

Node

acceleriteradia_client_automationMatch7.9

acceleriteradia_client_automationMatch8.1

acceleriteradia_client_automationMatch9.0

acceleriteradia_client_automationMatch9.1

References

www.securitytracker.com/id/1033862

support.accelerite.com/hc/en-us/articles/203659814-Accelerite-releases-solutions-and-best-practices-to-enhance-the-security-for-RBAC-and-Remote-Notify-features

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.2%

JSON

Related for NVD:CVE-2015-7863

prion1 cve1 cvelist1