CVE-2025-0858

A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in certain Poly devices. The firmware flaw does not properly prevent path traversal and could lead to information disclosure.

CVSS

No CVSS.

References

Link	Resource
https://support.hp.com/us-en/document/ish_11926124-11926148-16/hpsbpy03996

Configurations

No configuration.

History

No history.

Information

Published : 2025-02-05 15:15

Updated : 2025-03-27 14:15

NVD link : CVE-2025-0858

Mitre link : CVE-2025-0858

CVE.ORG link : CVE-2025-0858

JSON object : View

Products Affected

No product.

CWE

CWE-35

Path Traversal: '.../...//'

{"id": "CVE-2025-0858", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.8, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-02-05T15:15:21.580", "references": [{"url": "https://support.hp.com/us-en/document/ish_11926124-11926148-16/hpsbpy03996", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-35"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in certain Poly devices. The firmware flaw does not properly prevent path traversal and could lead to information disclosure."}, {"lang": "es", "value": "Se descubri\u00f3 una vulnerabilidad en las compilaciones de firmware hasta la versi\u00f3n 8.2.1.0820 en los dispositivos Poly Edge E. La falla del firmware no previene adecuadamente Path Traversal y podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n."}], "lastModified": "2025-03-27T14:15:21.803", "sourceIdentifier": "[email protected]"}

CVE-2025-0858

JSON object

Attach tags to CVE-2025-0858

Attach tags to `CVE-2025-0858`