CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-7107

A potential security vulnerability has been identified in HPE Device Entitlement Gateway (DEG) v3.2.4, v3.3 and v3.3.1. The vulnerability could be remotely exploited to allow local SQL injection and elevation of privilege.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.7%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03889en_us
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03889en_us

Products affected by CVE-2018-7107

Hpe » Device Entitlement Gateway » Version: 3.2.4

cpe:2.3:a:hpe:device_entitlement_gateway:3.2.4
Hpe » Device Entitlement Gateway » Version: 3.3

cpe:2.3:a:hpe:device_entitlement_gateway:3.3
Hpe » Device Entitlement Gateway » Version: 3.3.1

cpe:2.3:a:hpe:device_entitlement_gateway:3.3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-7107

Products

Pricing

Contact Us