HPE Telco Network Function Virtualization Orchestrator Sensitive Information Exposure Vulnerability
Vulnerability
A vulnerability exists in the storage policy for sensitive credential information in HPE Telco Network Function Virtualization Orchestrator versions 7.3.0 and prior. This vulnerability could allow unauthorized access to sensitive system information.
Impact
Exploitation of this vulnerability could result in unauthorized access to sensitive system information.
Remediation
Users can upgrade to HPE Telco Network Function Virtualization Orchestrator version 7.4.0 or later to address this vulnerability. After upgrading, it is recommended to rotate the affected authentication and encryption keys. The updated software can be downloaded from the HPE My Enterprise License portal.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.