CVE-2015-2108
HP Security Bulletin HPSBMU03291 1
Severity Score
6.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.
Vulnerabilidad no especificada en Powershell Operations en HP Operations Orchestration 9.x y 10.x permite a usuarios remotos autenticados obtener información sensible a través de vectores desconocidos.
A potential security vulnerability has been identified with HP Operations Orchestration running Powershell operations that could result in the remote disclosure of information. Revision 1 of this advisory.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-02-27 CVE Reserved
- 2015-03-25 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/73320 | Vdb Entry | |
| http://www.securitytracker.com/id/1031987 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417 | 2016-11-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Hp Search vendor "Hp" | Operations Orchestration Search vendor "Hp" for product "Operations Orchestration" | 9.0 Search vendor "Hp" for product "Operations Orchestration" and version "9.0" | - |
Affected
| ||||||
| Hp Search vendor "Hp" | Operations Orchestration Search vendor "Hp" for product "Operations Orchestration" | 10.0 Search vendor "Hp" for product "Operations Orchestration" and version "10.0" | - |
Affected
| ||||||