CVE-2025-43489

CWE-502Deserialization of Untrusted Data3 documents3 sources
Severity
2.0LOW
EPSS
0.1%
top 67.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
HP Poly Clariti ManagerHP Inc. Poly Clariti Manager
Timeline
PublishedJul 23

Description

A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could deserialize untrusted data without validation. HP has addressed the issue in the latest software update.

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5hp_inc./poly_clariti_managerSee HP Security Bulletin reference for affected versions.

🔴Vulnerability Details

2
GHSA
GHSA-q69q-869h-5r34: A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 102025-07-23
CVEList
Poly Clariti Manager - Multiple Security Vulnerabilities2025-07-22
CVE-2025-43489 (LOW CVSS 2) | A potential security vulnerability | cvebase.io