Vulnerability Details : CVE-2017-8985
HPE XP Storage using Hitachi Global Link Manager (HGLM) has a local authenticated information disclosure vulnerability in HGLM version HGLM 6.3.0-00 to 8.5.2-00.
Vulnerability category: Information leak
Products affected by CVE-2017-8985
- HP » Xp Storage Hitachi Global Link ManagerVersions from including (>=) 6.3.0-00 and up to, including, (<=) 8.5.2-00cpe:2.3:a:hp:xp_storage_hitachi_global_link_manager:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-8985
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-8985
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST | |
5.3
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
1.8
|
3.4
|
NIST |
CWE ids for CVE-2017-8985
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-8985
-
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03819en_us
HPESBHF03819 rev.2 - HPE XP Storage using HGLM, Local Authentication BypassVendor Advisory
Jump to