An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.
History

Thu, 12 Dec 2024 20:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-611

Wed, 27 Nov 2024 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Hpe
Hpe insight Remote Support
CPEs cpe:2.3:a:hpe:insight_remote_support:*:*:*:*:*:*:*:*
Vendors & Products Hpe
Hpe insight Remote Support
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 26 Nov 2024 22:00:00 +0000


Tue, 26 Nov 2024 21:45:00 +0000

Type Values Removed Values Added
Description An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.
Weaknesses CWE-91
References
Metrics cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: hpe

Published: 2024-11-26T21:31:11.004Z

Updated: 2024-11-27T12:01:12.519Z

Reserved: 2024-11-22T14:11:14.744Z

Link: CVE-2024-11622

cve-icon Vulnrichment

Updated: 2024-11-27T12:00:57.302Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-26T22:15:17.860

Modified: 2024-12-12T19:52:24.527

Link: CVE-2024-11622

cve-icon Redhat

No data.