CVE-2023-30904
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2023-30904 is a recently disclosed cybersecurity vulnerability affecting HPE Insight Remote Support. This issue permits an attacker to gain unauthorized access to privileged LDAP information on the targeted system. Successful exploitation could lead to significant security risks, including unauthorized access to sensitive data. The vulnerability arises due to insufficient access controls within the HPE Insight Remote Support software. HPE recommends users to update their software as soon as possible to mitigate this risk. Failure to do so may put organizations at risk of data breaches and other malicious activities.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Hewlett Packard Enterprise Co.