HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7883
Reference (s):
- CERT-VN:VU#867593
- URL: http://www.kb.cert.org/vuls/id/867593
- HP:HPSBMU03239
- URL: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04553906
- HP:SSRT101848