← Back to CVEs
CVE-2015-2802
HIGH7.5
Description
An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information. This is the TLS vulnerability known as the RC4 cipher Bar Mitzvah vulnerability.
CVE Details
CVSS v3.1 Score7.5
SeverityHIGH
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published2/4/2020
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
hp:asset_managerhp:asset_manager_cloudsystem_chargebackhp:sitescopelinux:linux_kernelmicrosoft:windowsoracle:solaris
Weaknesses (CWE)
CWE-200
References
http://marc.info/?l=bugtraq&m=143455780010289&w=2(cve@mitre.org)
http://marc.info/?l=bugtraq&m=143629738517220&w=2(cve@mitre.org)
http://www.securityfocus.com/bid/75258(cve@mitre.org)
https://packetstormsecurity.com/files/cve/CVE-2015-2802(cve@mitre.org)
https://securitytracker.com/id/1032599(cve@mitre.org)
http://marc.info/?l=bugtraq&m=143455780010289&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=143629738517220&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/75258(af854a3a-2127-422b-91ae-364da2661108)
https://packetstormsecurity.com/files/cve/CVE-2015-2802(af854a3a-2127-422b-91ae-364da2661108)
https://securitytracker.com/id/1032599(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.