Hp: Security Vulnerabilities
In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center (TAC) to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration changes made using the provisioning server or the device WebUI.
CVSS Score
4.9
EPSS Score
0.0
Published
2025-12-16
A potential security vulnerability has been identified in HP Image Assistant for versions prior to 5.3.3. The vulnerability
could potentially allow a local attacker to escalate privileges via a race condition when installing packages.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-12-03
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-08-14
A potential security
vulnerability has been identified in the Poly Clariti Manager for versions
prior to 10.12.2. The vulnerability could potentially allow a privileged
user to retrieve credentials from the log files. HP has addressed the issue in
the latest software update.
CVSS Score
4.5
EPSS Score
0.0
Published
2025-07-23
A potential stored cross-site scripting vulnerability has been
identified in the Poly Clariti Manager for versions prior to 10.12.1. The
website allows user input to be stored and rendered without proper
sanitization. HP has addressed the issue in the latest software update.
CVSS Score
4.8
EPSS Score
0.0
Published
2025-07-23
A potential privilege escalation through Sudo vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The firmware flaw does not properly implement access controls. HP has addressed the issue in the latest software update.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-07-23
A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could allow a bypass of the application's XSS filter by submitting untrusted characters. HP has addressed the issue in the latest software update.
CVSS Score
4.8
EPSS Score
0.0
Published
2025-07-23
A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could deserialize untrusted data without validation. HP has addressed the issue in the latest software update.
CVSS Score
5.2
EPSS Score
0.001
Published
2025-07-23
A potential security vulnerability has been
identified in the Poly Clariti Manager for versions prior to 10.12.1. The
vulnerability could allow the retrieval of hardcoded cryptographic keys. HP has
addressed the issue in the latest software update.
CVSS Score
5.7
EPSS Score
0.0
Published
2025-07-23
A potential reflected cross-site scripting vulnerability has been
identified in the Poly Clariti Manager for versions prior to 10.12.1. The
website does not validate or sanitize the user input before rendering it in the
response. HP has addressed the issue in the latest software update.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-07-23
Page 1