CVE-2024-41911

MEDIUM EPSS 15.2%

Published Aug 6, 20241y ago · Modified Jun 17, 20261w ago

5.4 CVSS 3.1

Medium

Published Aug 6, 2024 1y ago

Last Modified Jun 17, 2026 1w ago

Description

A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The flaw does not properly neutralize input during a web page generation.

CVSS Details

Base Score

5.4

Exploitability

2.3

Impact

2.7

Vector string

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Attack Vector Network

Attack Complexity Low

Privileges Required Low

User Interaction Required

Scope Changed

Confidentiality Low

Integrity Low

Availability None

Threat Intelligence

EPSS Exploit Probability

15.2% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-79 Cross-site Scripting Injection

Affected Products 1

Vendor	Product	Version	Range
hp	poly_clariti_manager	*	<10.12.0.2_100

References 1

support.hp.com https://support.hp.com/us-en/document/ish_11006770-11006795-16/hpsbpy03959

Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.