CVE-2018-18593
Summary
| CVE | CVE-2018-18593 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-12-31 15:29:00 UTC |
| Updated | 2023-11-07 02:55:00 UTC |
| Description | Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged Information |
Risk And Classification
Problem Types: CWE-22
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Hp | Ucmdb Configuration Manager | 10.22 | All | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.22 | cup1 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.22 | cup2 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.22 | cup3 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.22 | cup4 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.22 | cup5 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.22 | cup6 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.22 | cup7 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.33 | All | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.33 | cup1 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.33 | cup2 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.33 | cup3 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 2018.02 | All | All | All |
| Application | Hp | Ucmdb Configuration Manager | 2018.05 | All | All | All |
| Application | Hp | Ucmdb Configuration Manager | 2018.08 | All | All | All |
| Application | Hp | Ucmdb Configuration Manager | 2018.11 | All | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.22 | All | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.22 | cup1 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.22 | cup2 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.22 | cup3 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.22 | cup4 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.22 | cup5 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.22 | cup6 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.22 | cup7 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.33 | All | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.33 | cup1 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.33 | cup2 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 10.33 | cup3 | All | All |
| Application | Hp | Ucmdb Configuration Manager | 2018.02 | All | All | All |
| Application | Hp | Ucmdb Configuration Manager | 2018.05 | All | All | All |
| Application | Hp | Ucmdb Configuration Manager | 2018.08 | All | All | All |
| Application | Hp | Ucmdb Configuration Manager | 2018.11 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| HP UCMDB Configuration Manager CVE-2018-18593 Multiple Security Vulnerabilities | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| MySupport - Micro Focus Software Support | MISC | softwaresupport.softwaregrp.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
LEGACY: Micro Focus would like to thank Bahadir Pektas and Emre Ilbeyoglu for reporting this issue to [email protected].
There are currently no legacy QID mappings associated with this CVE.