Remote Unauthorized Access Vulnerability in HPE UIoT: Malfunction in DSM Portal and APIs

Remote Unauthorized Access Vulnerability in HPE UIoT: Malfunction in DSM Portal and APIs

CVE-2018-7111 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

A remote unauthorized access vulnerability was identified in HPE UIoT versions 1.5, 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. Specifically, there is a malfunction identified in some section of the DSM portal and some DSM APIs. The impact of the malfunction is that the info can be changed by other users.

Learn more about our Api Penetration Testing.