CNVD-2015-05657

Vulnerability from cnvd - Published: 2015-08-27
VLAI Severity ?
Title
多款HP CentralView产品信息泄露漏洞(CNVD-2015-05657)
Description
HP CentralView Fraud Risk Management是一款防止网络资产冒用的产品。HP CentralView Revenue Leakage Control是一款用于在通信服务提供商收入流中检测并防止漏洞产生的产品。 多款HP CentralView产品存在信息泄露漏洞,允许远程攻击者可利用漏洞获取敏感信息。
Severity
Patch Name
多款HP CentralView产品信息泄露漏洞(CNVD-2015-05657)的补丁
Patch Description
HP CentralView Fraud Risk Management是一款防止网络资产冒用的产品。HP CentralView Revenue Leakage Control是一款用于在通信服务提供商收入流中检测并防止漏洞产生的产品。 多款HP CentralView产品存在信息泄露漏洞,允许远程攻击者可利用漏洞获取敏感信息。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04751893

Reference
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04751893
Impacted products
Name
['HP CentralView Fraud Risk Management 11.1', 'HP CentralView Fraud Risk Management 11.2', 'HP CentralView Fraud Risk Management 11.3', 'HP CentralView Revenue Leakage Control 4.1', 'HP CentralView Revenue Leakage Control 4.2', 'HP CentralView Revenue Leakage Control 4.3', 'HP CentralView Dealer Performance Audit 2.0', 'HP CentralView Dealer Performance Audit 2.1', 'HP CentralView Credit Risk Control 2.1', 'HP CentralView Credit Risk Control 2.2', 'HP CentralView Credit Risk Control 2.3', 'HP CentralView Roaming Fraud Control 2.1', 'HP CentralView Roaming Fraud Control 2.2', 'HP CentralView Roaming Fraud Control 2.3', 'HP CentralView Subscription Fraud Prevention 2.0', 'HP CentralView Subscription Fraud Prevention 2.1']
Show details on source website
To clipboard 

{
  "bids": {
    "bid": {
      "bidNumber": "76356"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-5407"
    }
  },
  "description": "HP CentralView Fraud Risk Management\u662f\u4e00\u6b3e\u9632\u6b62\u7f51\u7edc\u8d44\u4ea7\u5192\u7528\u7684\u4ea7\u54c1\u3002HP CentralView Revenue Leakage Control\u662f\u4e00\u6b3e\u7528\u4e8e\u5728\u901a\u4fe1\u670d\u52a1\u63d0\u4f9b\u5546\u6536\u5165\u6d41\u4e2d\u68c0\u6d4b\u5e76\u9632\u6b62\u6f0f\u6d1e\u4ea7\u751f\u7684\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eHP CentralView\u4ea7\u54c1\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "Spyridon Chatzimichail",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04751893",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-05657",
  "openTime": "2015-08-27",
  "patchDescription": "HP CentralView Fraud Risk Management\u662f\u4e00\u6b3e\u9632\u6b62\u7f51\u7edc\u8d44\u4ea7\u5192\u7528\u7684\u4ea7\u54c1\u3002HP CentralView Revenue Leakage Control\u662f\u4e00\u6b3e\u7528\u4e8e\u5728\u901a\u4fe1\u670d\u52a1\u63d0\u4f9b\u5546\u6536\u5165\u6d41\u4e2d\u68c0\u6d4b\u5e76\u9632\u6b62\u6f0f\u6d1e\u4ea7\u751f\u7684\u4ea7\u54c1\u3002 \r\n\r\n\u591a\u6b3eHP CentralView\u4ea7\u54c1\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eHP CentralView\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2015-05657\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "HP CentralView Fraud Risk Management 11.1",
      "HP CentralView Fraud Risk Management  11.2",
      "HP CentralView Fraud Risk Management  11.3",
      "HP CentralView Revenue Leakage Control 4.1",
      "HP CentralView Revenue Leakage Control  4.2",
      "HP CentralView Revenue Leakage Control  4.3",
      "HP CentralView Dealer Performance Audit 2.0",
      "HP CentralView Dealer Performance Audit  2.1",
      "HP CentralView Credit Risk Control 2.1",
      "HP CentralView Credit Risk Control  2.2",
      "HP CentralView Credit Risk Control  2.3",
      "HP CentralView Roaming Fraud Control 2.1",
      "HP CentralView Roaming Fraud Control  2.2",
      "HP CentralView Roaming Fraud Control  2.3",
      "HP CentralView Subscription Fraud Prevention 2.0",
      "HP CentralView Subscription Fraud Prevention  2.1"
    ]
  },
  "referenceLink": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04751893",
  "serverity": "\u4e2d",
  "submitTime": "2015-08-22",
  "title": "\u591a\u6b3eHP CentralView\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2015-05657\uff09"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.