CVE-2018-7119
N/A
Summary
A Local Disclosure of Sensitive Information vulnerability was identified in HPE NonStop Safeguard earlier than version SPR T9750L01^AIC or T9750H05^AIH, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND; all versions on H-series. STDSEC-STANDARD SECURITY PROD All prior versions before T6533L01^ADU or T6533H05^ADW, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND and all versions on H-series . Note that some commands in NonStop Safeguard and NonStop Standard Security software require username and password to be passed as command line parameters, which may lead to a local disclosure of the credentials.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HPE | NonStop SAFEGAURD and NonStop H-series STDSEC-STANDARD SECURITY Product | SAFEGUARD All prior versions before SPR T9750L01^AIC or T9750H05^AIH | affected |
| HPE | NonStop SAFEGAURD and NonStop H-series STDSEC-STANDARD SECURITY Product | and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND | affected |
| HPE | NonStop SAFEGAURD and NonStop H-series STDSEC-STANDARD SECURITY Product | all versions on H-series. STDSEC-STANDARD SECURITY PROD All prior versions before T6533L01^ADU or T6533H05^ADW | affected |
| HPE | NonStop SAFEGAURD and NonStop H-series STDSEC-STANDARD SECURITY Product | all versions on H-series | affected |
Weaknesses
- Local Disclosure of Sensitive Information
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.