CVE-2015-5421

CWE-356 documents6 sources
Severity
7.5HIGH
EPSS
15.7%
top 5.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
HP Keyview
Timeline
PublishedAug 24
Latest updateMay 14

Description

Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2881.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

โ–ถNVDhp/keyview10.23.0.0 โ€” 10.23.0.1+1

๐Ÿ”ดVulnerability Details

3
GHSA
GHSA-cg4v-wffc-pfj3: Unspecified vulnerability in HP KeyView before 10โ†—2022-05-14
โ–ถ
GHSA
Improper Input Validation in Spring Frameworkโ†—2021-04-30
โ–ถ
CVEList
CVE-2015-5421: Unspecified vulnerability in HP KeyView before 10โ†—2015-08-24
โ–ถ

๐Ÿ“‹Vendor Advisories

1
Red Hat
springframework: RFD protection bypass via jsessionidโ†—2020-09-17
โ–ถ

๐Ÿ’ฌCommunity

1
Bugzilla
CVE-2020-5421 springframework: RFD protection bypass via jsessionidโ†—2020-09-21
โ–ถ
CVE-2015-5421 (HIGH CVSS 7.5) | Unspecified vulnerability in HP Key | cvebase.io