CVE-2025-43485: CWE-532 Insertion of Sensitive Information into Log File in HP Inc. Poly Clariti Manager
A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could potentially allow a privileged user to retrieve credentials from the log files. HP has addressed the issue in the latest software update.
CVE-2025-43485: CWE-532 Insertion of Sensitive Information into Log File in HP Inc. Poly Clariti Manager
Description
A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could potentially allow a privileged user to retrieve credentials from the log files. HP has addressed the issue in the latest software update.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- hp
- Date Reserved
- 2025-04-16T15:25:24.712Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 6880207da915ff00f7fc9727
Added to database: 7/22/2025, 11:36:29 PM
Last updated: 7/22/2025, 11:36:29 PM
Views: 1
Related Threats
CVE-2025-43484: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in HP Inc. Poly Clariti Manager
MediumCVE-2025-43483: CWE-321: Use of Hard-coded Cryptographic Key in HP Inc. Poly Clariti Manager
MediumCVE-2025-54139: CWE-1021: Improper Restriction of Rendered UI Layers or Frames in haxtheweb issues
MediumCVE-2025-43488: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in HP Inc. Poly Clariti Manager
LowCVE-2025-43487: CWE-250: Execution with Unnecessary Privileges in HP Inc. Poly Clariti Manager
MediumActions
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.