Description
An issue was discovered in Idelji Web ViewPoint H01ABO-H01BY and L01ABP-L01ABZ, Web ViewPoint Plus H01AAG-H01AAQ and L01AAH-L01AAR, and Web ViewPoint Enterprise H01-H01AAE and L01-L01AAF. By reading ADB or AADB file content within the Installation subvolume, a Guardian user can discover the password of the group.user or alias who acknowledges events from the WVP Events screen.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03981en_us
Scores
CVSS v3
5.5
EPSS
0.0012
EPSS Percentile
30.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-522
Status
published
Products (3)
hp/web_viewpoint_t0320
t0320h01\^abo - t0320h01\^aby
hp/web_viewpoint_t0952
t0952h01\^aag - t0952h01\^aaq
hp/web_viewpoint_t0986
t0320l01\^abp - t0320l01\^abz
Published
Jan 27, 2020
Tracked Since
Feb 18, 2026