VYPR
Unrated severityNVD Advisory· Published May 10, 2019· Updated Aug 5, 2024

CVE-2018-7119

CVE-2018-7119

Description

A Local Disclosure of Sensitive Information vulnerability was identified in HPE NonStop Safeguard earlier than version SPR T9750L01^AIC or T9750H05^AIH, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND; all versions on H-series. STDSEC-STANDARD SECURITY PROD All prior versions before T6533L01^ADU or T6533H05^ADW, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND and all versions on H-series . Note that some commands in NonStop Safeguard and NonStop Standard Security software require username and password to be passed as command line parameters, which may lead to a local disclosure of the credentials.

Affected products

3
  • Range: < T9750L01^AIC or T9750H05^AIH (later versions when PASSWORD-PROMPT not BLIND); all versions on H-series
  • Range: < T6533L01^ADU or T6533H05^ADW (later versions when PASSWORD-PROMPT not BLIND); all versions on H-series
  • HPE/NonStop SAFEGAURD and NonStop H-series STDSEC-STANDARD SECURITY Productv5
    Range: SAFEGUARD All prior versions before SPR T9750L01^AIC or T9750H05^AIH

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.