CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
98.9%
A remote sql information disclosure vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
Vendor | Product | Version | CPE |
---|---|---|---|
hp | network_automation | 9.10 | cpe:2.3:a:hp:network_automation:9.10:*:*:*:*:*:*:* |
hp | network_automation | 9.20 | cpe:2.3:a:hp:network_automation:9.20:*:*:*:*:*:*:* |
hp | network_automation | 9.22 | cpe:2.3:a:hp:network_automation:9.22:*:*:*:*:*:*:* |
hp | network_automation | 9.22.01 | cpe:2.3:a:hp:network_automation:9.22.01:*:*:*:*:*:*:* |
hp | network_automation | 9.22.02 | cpe:2.3:a:hp:network_automation:9.22.02:*:*:*:*:*:*:* |
hp | network_automation | 10.00 | cpe:2.3:a:hp:network_automation:10.00:*:*:*:*:*:*:* |
hp | network_automation | 10.00.01 | cpe:2.3:a:hp:network_automation:10.00.01:*:*:*:*:*:*:* |
hp | network_automation | 10.00.02 | cpe:2.3:a:hp:network_automation:10.00.02:*:*:*:*:*:*:* |
hp | network_automation | 10.10 | cpe:2.3:a:hp:network_automation:10.10:*:*:*:*:*:*:* |
hp | network_automation | 10.11 | cpe:2.3:a:hp:network_automation:10.11:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
98.9%