CVE-2014-7883
HP Universal Configuration Management... - Information Disclosure
Title source: ruleDescription
HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Hans-Martin Muench · textwebappswindows
https://www.exploit-db.com/exploits/35982
References (3)
Core 3
Core References
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/867593
Not Applicable vendor-advisory
x_refsource_hp
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04553906
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1031688
Scores
EPSS
0.5774
EPSS Percentile
98.2%
Details
CWE
CWE-200
Status
published
Products (3)
hp/universal_configuration_management_database
9.05
hp/universal_configuration_management_database
10.01
hp/universal_configuration_management_database
10.11
Published
Feb 15, 2015
Tracked Since
Feb 18, 2026