SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   OfficeConnect Router (3Com) Vendors:   HPE
HPE OfficeConnect 1810 Series Switch Has Unspecified Flaw That Lets Local Users Obtain Potentially Sensitive Information on the Target System
SecurityTracker Alert ID:  1041445
SecurityTracker URL:  http://securitytracker.com/id/1041445
CVE Reference:   CVE-2018-7100   (Links to External Site)
Date:  Aug 13 2018
Impact:   Disclosure of system information, Disclosure of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in HPE OfficeConnect Series 1810 Switch. A local user can obtain potentially sensitive information.

No details were provided.

[Editor's note: The vendor-supplied CVSS rating indicates a "Network" (i.e., remote) attack vector with a "Low" Integrity impact and no Confidentiality impact, which conflicts with the local information disclosure descriptive text.]

The following models are affected:

1810-24G: P.2.22 and prior
1810-48G: PK.1.34 and prior
1810-8 v2: P.2.22 and prior

Kevin Wang reported this vulnerability.

Impact:   A local user can obtain potentially sensitive information on the target system.
Solution:   The vendor has issued a fix (P.2.23 [for 1810G 8/24], PK.1.35 [for 1810G-48].

The vendor advisory is available at:

https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03858en_us

Vendor URL:  support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03858en_us (Links to External Site)
Cause:   Not specified

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC