What is the severity of CVE-2019-12001?

CVE-2019-12001 has been classified as a medium severity vulnerability.

How do I fix CVE-2019-12001?

To mitigate CVE-2019-12001, upgrade to firmware versions newer than GL225P001 for HPE MSA 1040, 2040, 1050, 2042, 2050, and 2052.

Which devices are affected by CVE-2019-12001?

CVE-2019-12001 affects HPE MSA 1040, 2040, 1050, 2042, 2050, and 2052 SAN Storage with specific firmware versions.

Can CVE-2019-12001 be exploited remotely?

Yes, CVE-2019-12001 allows for remote session reuse, potentially enabling unauthorized access.

Is there a known workaround for CVE-2019-12001?

There are no specific workarounds for CVE-2019-12001; updating to a secure firmware version is necessary.

Vulnerability/
CVE-2019-12001

high

7.1

CWE

613

17/4/2020

4/8/2024

CVE-2019-12001

First published: Fri Apr 17 2020(Updated: )

A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier.

Credit: security-alert@hpe.com

Affected Software	Affected Version	How to fix
HPE MSA 1040 SAN Storage Firmware	<=gl225p001
HP MSA 1040 SAN Storage
HPE MSA 2040 SAN Storage Firmware	<=gl225p001
HPE MSA 2040 Firmware
HPE MSA 2042 Firmware	<=gl225p001
HPE MSA 2042 Firmware
HPE MSA 1050 Firmware	<=ve270r001-01
HPE MSA 1050 Firmware
HPE MSA 2050 Firmware	<=vl270r001-01
HPE MSA 2050 Firmware
HPE MSA 2052 Firmware	<=vl270r001-01
HPE MSA 2052 Firmware

Never miss a vulnerability like this again

Reference Links

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03940en_us

Frequently Asked Questions

What is the severity of CVE-2019-12001?
CVE-2019-12001 has been classified as a medium severity vulnerability.
How do I fix CVE-2019-12001?
To mitigate CVE-2019-12001, upgrade to firmware versions newer than GL225P001 for HPE MSA 1040, 2040, 1050, 2042, 2050, and 2052.
Which devices are affected by CVE-2019-12001?
CVE-2019-12001 affects HPE MSA 1040, 2040, 1050, 2042, 2050, and 2052 SAN Storage with specific firmware versions.
Can CVE-2019-12001 be exploited remotely?
Yes, CVE-2019-12001 allows for remote session reuse, potentially enabling unauthorized access.
Is there a known workaround for CVE-2019-12001?
There are no specific workarounds for CVE-2019-12001; updating to a secure firmware version is necessary.

agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/references
agent/last-modified-date
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/hpe
canonical/hpe msa 1040 san storage firmware
version/hpe msa 1040 san storage firmware/gl225p001
canonical/hp msa 1040 san storage
canonical/hpe msa 2040 san storage firmware
version/hpe msa 2040 san storage firmware/gl225p001
canonical/hpe msa 2040 firmware
canonical/hpe msa 2042 firmware
version/hpe msa 2042 firmware/gl225p001
canonical/hpe msa 1050 firmware
version/hpe msa 1050 firmware/ve270r001-01
canonical/hpe msa 2050 firmware
version/hpe msa 2050 firmware/vl270r001-01
canonical/hpe msa 2052 firmware
version/hpe msa 2052 firmware/vl270r001-01

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.