Vulnerability Details CVE-2015-2802
An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information. This is the TLS vulnerability known as the RC4 cipher Bar Mitzvah vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.022
EPSS Ranking 83.5%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=143455780010289&w=2
- http://marc.info/?l=bugtraq&m=143629738517220&w=2
- http://www.securityfocus.com/bid/75258
- https://packetstormsecurity.com/files/cve/CVE-2015-2802
- https://securitytracker.com/id/1032599
- http://marc.info/?l=bugtraq&m=143455780010289&w=2
- http://marc.info/?l=bugtraq&m=143629738517220&w=2
- http://www.securityfocus.com/bid/75258
- https://packetstormsecurity.com/files/cve/CVE-2015-2802
- https://securitytracker.com/id/1032599
Products affected by CVE-2015-2802
-
cpe:2.3:a:hp:asset_manager:9.30
-
cpe:2.3:a:hp:asset_manager:9.31
-
cpe:2.3:a:hp:asset_manager:9.32
-
cpe:2.3:a:hp:asset_manager:9.40
-
cpe:2.3:a:hp:asset_manager:9.41
-
cpe:2.3:a:hp:asset_manager:9.50
-
cpe:2.3:a:hp:asset_manager_cloudsystem_chargeback:9.40
-
cpe:2.3:a:hp:sitescope:11.20
-
cpe:2.3:a:hp:sitescope:11.21
-
cpe:2.3:a:hp:sitescope:11.22
-
cpe:2.3:a:hp:sitescope:11.23
-
cpe:2.3:a:hp:sitescope:11.24
-
cpe:2.3:a:hp:sitescope:11.30
-
cpe:2.3:o:linux:linux_kernel:-
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:oracle:solaris:-