Centralview Fraud Risk Management
CVE-2015-5408
MEDIUM
Severity by source
AV:L/AC:H/Au:S/C:C/I:C/A:C
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:L/AC:H/Au:S/C:C/I:C/A:C
Lifecycle Timeline
1DescriptionCVE.org
HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, 4.2, and 4.3; CentralView Dealer Performance Audit 2.0 and 2.1; CentralView Credit Risk Control 2.1, 2.2, and 2.3; CentralView Roaming Fraud Control 2.1, 2.2, and 2.3; and CentralView Subscription Fraud Prevention 2.0 and 2.1 allow remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5406 and CVE-2015-5407.
AnalysisAI
HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, 4.2, and 4.3; CentralView Dealer Performance Audit 2.0 and 2.1; CentralView Credit Risk Control. Rated medium severity (CVSS 6.0). No vendor patch available.
Technical ContextAI
HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, 4.2, and 4.3; CentralView Dealer Performance Audit 2.0 and 2.1; CentralView Credit Risk Control 2.1, 2.2, and 2.3; CentralView Roaming Fraud Control 2.1, 2.2, and 2.3; and CentralView Subscription Fraud Prevention 2.0 and 2.1 allow remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5406 and CVE-2015-5407. Affected products include: Hp Centralview Fraud Risk Management, Hp Centralview Roaming Fraud Control, Hp Centralview Credit Risk Control, Hp Centralview Subscription Fraud Prevention, Hp Centralview Dealer Performance Audit.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, 4.2, and 4.3; Centra
HPE has identified a remote unauthenticated access to files vulnerability in HPE CentralView Fraud Risk Management earli
HPE has identified a remote HOST header attack vulnerability in HPE CentralView Fraud Risk Management earlier than versi
HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, 4.2, and 4.3; Centra
HPE has identified a remote disclosure of information vulnerability in HPE CentralView Fraud Risk Management earlier tha
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today