CVE-2019-12000
MEDIUMHPE MSE Msg Gw application E-LTU < 3.2 - Remote Access Restriction Bypass via HTTPS Configuration
Title source: llmDescription
HPE has found a potential Remote Access Restriction Bypass in HPE MSE Msg Gw application E-LTU prior to version 3.2 when HTTPS is used between the USSD and an external USSD service logic application. Update to version 3.2 and update the HTTPS configuration as described in the HPE MSE Messaging Gateway Configuration and Operations Guide.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03979en_us
Scores
CVSS v3
6.6
EPSS
0.0031
EPSS Percentile
54.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-295
Status
published
Products (1)
hp/mse_msg_gw_application_e-ltu
< 3.2
Published
Jul 17, 2020
Tracked Since
Feb 18, 2026