CVE-2025-43021

A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the use and retrieval of the default password. HP has addressed the issue in the latest software update.

CVSS

No CVSS.

References

Link	Resource
https://support.hp.com/us-en/document/ish_12781425-12781447-16/hbsbpy04037

Configurations

No configuration.

History

25 Jul 2025, 15:29

Type	Values Removed	Values Added
Summary		(es) Se ha identificado una posible vulnerabilidad de seguridad en Poly Clariti Manager para versiones anteriores a la 10.12.1. Esta vulnerabilidad podría permitir el uso y la recuperación de la contraseña predeterminada. HP ha solucionado el problema en la última actualización de software.

23 Jul 2025, 00:15

Type	Values Removed	Values Added
CWE		CWE-1393
Summary	(en) A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the use and retrieval of the default password. HP has addressed the issue in the latest software update.	(en) A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the use and retrieval of the default password. HP has addressed the issue in the latest software update.

22 Jul 2025, 23:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-22 23:15

Updated : 2025-07-25 15:29

NVD link : CVE-2025-43021

Mitre link : CVE-2025-43021

CVE.ORG link : CVE-2025-43021

JSON object : View

Products Affected

No product.

CWE

CWE-1393

Use of Default Password

{"id": "CVE-2025-43021", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "hp-security-alert@hp.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.9, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-07-22T23:15:24.687", "references": [{"url": "https://support.hp.com/us-en/document/ish_12781425-12781447-16/hbsbpy04037", "source": "hp-security-alert@hp.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "hp-security-alert@hp.com", "description": [{"lang": "en", "value": "CWE-1393"}]}], "descriptions": [{"lang": "en", "value": "A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the use and retrieval of the default password. HP has addressed the issue in the latest software update."}, {"lang": "es", "value": "Se ha identificado una posible vulnerabilidad de seguridad en Poly Clariti Manager para versiones anteriores a la 10.12.1. Esta vulnerabilidad podr\u00eda permitir el uso y la recuperaci\u00f3n de la contrase\u00f1a predeterminada. HP ha solucionado el problema en la \u00faltima actualizaci\u00f3n de software."}], "lastModified": "2025-07-25T15:29:44.523", "sourceIdentifier": "hp-security-alert@hp.com"}