CVE-2019-19539 Information

Description

An issue was discovered in Idelji Web ViewPoint H01ABO-H01BY and L01ABP-L01ABZ Web ViewPoint Plus H01AAG-H01AAQ and L01AAH-L01AAR and Web ViewPoint Enterprise H01-H01AAE and L01-L01AAF. By reading ADB or AADB file content within the Installation subvolume a Guardian user can discover the password of the group.user or alias who acknowledges events from the WVP Events screen.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Reference

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03981en_us

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

5.5