CVE-2014-7883
Severity CVSS v4.0:
Pending analysis
Type:
CWE-200
Information Leak / Disclosure
Publication date:
15/02/2015
Last modified:
12/04/2025
Description
HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:hp:universal_configuration_management_database:9.05:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:universal_configuration_management_database:10.01:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:universal_configuration_management_database:10.11:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.kb.cert.org/vuls/id/867593
- http://www.securitytracker.com/id/1031688
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04553906
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04553906
- http://www.kb.cert.org/vuls/id/867593
- http://www.securitytracker.com/id/1031688
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04553906
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04553906