Sensitive Credential Information stored insecurely in System Database

July 31, 2025 invoker category_cve

CVE Details

Basic Information

Title Sensitive Credential Information stored insecurely in System Database
Type cve
Published 2025-07-31T19:41:39.665Z
Modified 2025-07-31T20:03:53.635Z

Product Information

Vendor Hewlett Packard Enterprise
Product HPE Telco Network Function Virtual Orchestrator
Version 7.0.0

CVSS Information

Base Score 6.0 (MEDIUM)
Attack Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Affected Products

  • Hewlett Packard Enterprise HPE Telco Network Function Virtual Orchestrator 7.0.0

Additional Information

CWE List CWE-922
Source hpe

Description

A vulnerability was discovered in the storage policy for certain sets of sensitive credential information in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.