CVE-2025-43022

CWE-89SQL Injection3 documents3 sources
Severity
7.3HIGH
EPSS
0.0%
top 90.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
HP Poly Clariti ManagerHP Inc. Poly Clariti Manager
Timeline
PublishedJul 22
Latest updateJul 23

Description

A potential SQL injection vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow a privileged user to execute SQL commands. HP has addressed the issue in the latest software update.

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

Affected Packages2 packages

CVEListV5hp_inc./poly_clariti_managerSee HP Security Bulletin reference for affected versions.

🔴Vulnerability Details

2
GHSA
GHSA-vvgj-pgpc-h747: A potential SQL injection vulnerability has been identified in the Poly Clariti Manager for versions prior to 102025-07-23
CVEList
Poly Clariti Manager - Multiple Security Vulnerabilities2025-07-22
CVE-2025-43022 (HIGH CVSS 7.3) | A potential SQL injection vulnerabi | cvebase.io