Description
HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not properly handle the "@" character in a proxy password, which could allow attackers with physical access to obtain portions of the password when it is displayed to the screen.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vendor-advisory
x_refsource_hp
http://www.securityfocus.com/advisories/8734
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/15790
Patch vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1014267
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/14032
Scores
EPSS
0.0019
EPSS Percentile
41.1%
Details
Status
published
Products (10)
hp/version_control_repository_manager
1.0.1288.1
hp/version_control_repository_manager
1.0.2241.0
hp/version_control_repository_manager
1.0.2289.0
hp/version_control_repository_manager
1.0.2345.0
hp/version_control_repository_manager
1.0.3085.0
hp/version_control_repository_manager
1.0.3086.0
hp/version_control_repository_manager
2.0.0.50
hp/version_control_repository_manager
2.0.1.30
hp/version_control_repository_manager
2.1.1.710
hp/version_control_repository_manager
2.1.1.720
Published
Jun 29, 2005
Tracked Since
Feb 18, 2026