CVE-2015-2802

CWE-200Information Exposure3 documents3 sources
Severity
7.5HIGH
EPSS
3.9%
top 11.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
HP SitescopeHP Asset ManagerHP Asset Manager Cloudsystem Chargeback
Timeline
PublishedFeb 4
Latest updateMay 24

Description

An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information. This is the TLS vulnerability known as the RC4 cipher Bar Mitzvah vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

NVDhp/asset_manager6 versions+5
NVDhp/sitescope11.2011.24+1

🔴Vulnerability Details

2
GHSA
GHSA-3fmj-978w-qxm2: An Information Disclosure vulnerability exists in HP SiteScope 112022-05-24
CVEList
CVE-2015-2802: An Information Disclosure vulnerability exists in HP SiteScope 112020-02-04
CVE-2015-2802 (HIGH CVSS 7.5) | An Information Disclosure vulnerabi | cvebase.io