CVE-2025-43485

CWE-532 — Log File Information Exposure3 documents3 sources

Severity

5.7MEDIUM

EPSS

0.0%

top 92.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Poly Clariti Manager HP Inc. Poly Clariti Manager

Timeline

PublishedJul 23

Description

A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could potentially allow a privileged user to retrieve credentials from the log files. HP has addressed the issue in the latest software update.

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N

Affected Packages2 packages

▶NVDhp/poly_clariti_manager< 10.12.2

▶CVEListV5hp_inc./poly_clariti_managerSee HP Security Bulletin reference for affected versions.

🔴Vulnerability Details

GHSA

GHSA-8234-4ccx-5xmr: A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10↗2025-07-23

▶

CVEList

Poly Clariti Manager - Multiple Security Vulnerabilities↗2025-07-22

▶