CVE-2018-7119

Published: May 10, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

A Local Disclosure of Sensitive Information vulnerability was identified in HPE NonStop Safeguard earlier than version SPR T9750L01^AIC or T9750H05^AIH, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND; all versions on H-series. STDSEC-STANDARD SECURITY PROD All prior versions before T6533L01^ADU or T6533H05^ADW, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND and all versions on H-series . Note that some commands in NonStop Safeguard and NonStop Standard Security software require username and password to be passed as command line parameters, which may lead to a local disclosure of the credentials.

Vendor	Product	Versions
HPE	NonStop SAFEGAURD and NonStop H-series STDSEC-STANDARD SECURITY Product	affected `SAFEGUARD All prior versions before SPR T9750L01^AIC or T9750H05^AIH` affected `and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND` affected `all versions on H-series. STDSEC-STANDARD SECURITY PROD All prior versions before T6533L01^ADU or T6533H05^ADW` affected `all versions on H-series`

References

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03910en_us

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-7119

Description

Affected Products

References