CVE-2024-11622

Summary

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.

Affected Software

VendorProductVersion RangeStatus
Hewlett Packard Enterprise (HPE)HPE Insight Remote Support0 < 7.14.0.629affected

Weaknesses

  • CWE-91: CWE-91 XML Injection (aka Blind XPath Injection)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References