CVE-2018-7068

MEDIUM

HP Centralview Fraud Risk Management < 6.1 - HTTP Request Smuggling

Title source: rule

Description

HPE has identified a remote HOST header attack vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version.

References (1)

[Vendor Advisory] https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03837en_us

Scores

CVSS v3 6.1

EPSS 0.0034

EPSS Percentile 56.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-444

Status published

Products (1)

hp/centralview_fraud_risk_management < 6.1

Published Aug 06, 2018

Tracked Since Feb 18, 2026