CVE-2019-19539

MEDIUM

Idelji Web ViewPoint - Info Disclosure

Title source: llm

Description

An issue was discovered in Idelji Web ViewPoint H01ABO-H01BY and L01ABP-L01ABZ, Web ViewPoint Plus H01AAG-H01AAQ and L01AAH-L01AAR, and Web ViewPoint Enterprise H01-H01AAE and L01-L01AAF. By reading ADB or AADB file content within the Installation subvolume, a Guardian user can discover the password of the group.user or alias who acknowledges events from the WVP Events screen.

References (1)

[Vendor Advisory] https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03981en_us

Scores

CVSS v3 5.5

EPSS 0.0012

EPSS Percentile 30.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-522

Status published

Affected Products (3)

hp/web_viewpoint_t0320 < t0320h01\^aby

hp/web_viewpoint_t0952 < t0952h01\^aaq

hp/web_viewpoint_t0986 < t0320l01\^abz

Timeline

Published Jan 27, 2020

Tracked Since Feb 18, 2026