CVE-2018-7091

CWE-601 — Open Redirect3 documents3 sources

Severity

6.1MEDIUM

EPSS

0.2%

top 52.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP XP 9000 Command View Hewlett Packard Enterprise HPE XP P9000 Command View Advanced Edition Software (cvae)

Timeline

PublishedAug 6

Latest updateMay 14

Description

HPE XP P9000 Command View Advanced Edition Software (CVAE) has open URL redirection vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

▶CVEListV5hewlett_packard_enterprise/hpe_xp_p9000_command_view_advanced_edition_software_(cvae)versions 7.0.0-00 to earlier than 8.60-00

▶NVDhp/xp_9000_command_view7.0.0-00 — 8.60-00

🔴Vulnerability Details

GHSA

GHSA-7jhv-x45q-jhqc: HPE XP P9000 Command View Advanced Edition Software (CVAE) has open URL redirection vulnerability in versions 7↗2022-05-14

▶

CVEList

CVE-2018-7091: HPE XP P9000 Command View Advanced Edition Software (CVAE) has open URL redirection vulnerability in versions 7↗2018-08-06

▶