Vulnerability Details CVE-2019-12001
A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.3%
CVSS Severity
CVSS v3 Score 6.4
CVSS v2 Score 7.1
References
Products affected by CVE-2019-12001
-
cpe:2.3:h:hpe:msa_1040:-
-
cpe:2.3:h:hpe:msa_1050:-
-
cpe:2.3:h:hpe:msa_2040:-
-
cpe:2.3:h:hpe:msa_2042:-
-
cpe:2.3:h:hpe:msa_2050:-
-
cpe:2.3:h:hpe:msa_2052:-
-
cpe:2.3:o:hpe:msa_1040_firmware:-
-
cpe:2.3:o:hpe:msa_1040_firmware:gl225p001
-
cpe:2.3:o:hpe:msa_1050_firmware:-
-
cpe:2.3:o:hpe:msa_1050_firmware:ve270r001-01
-
cpe:2.3:o:hpe:msa_2040_firmware:-
-
cpe:2.3:o:hpe:msa_2040_firmware:gl225p001
-
cpe:2.3:o:hpe:msa_2042_firmware:-
-
cpe:2.3:o:hpe:msa_2042_firmware:gl225p001
-
cpe:2.3:o:hpe:msa_2050_firmware:-
-
cpe:2.3:o:hpe:msa_2050_firmware:vl270r001-01
-
cpe:2.3:o:hpe:msa_2052_firmware:-
-
cpe:2.3:o:hpe:msa_2052_firmware:vl270r001-01