CVE-2025-43021

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-43021
A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the use and retrieval of the default password. HP has addressed the issue in the latest software update.

5.7 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.1 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://support.hp.com/us-en/document/ish_12781425-12781447-16/hbsbpy04037 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:hp:poly_clariti_manager:*:*:*:*:*:*:*:*
History

02 Oct 2025, 17:44

Type Values Removed Values Added
CPE cpe:2.3:a:hp:poly_clariti_manager:*:*:*:*:*:*:*:*
First Time Hp poly Clariti Manager
Hp
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.7
References () https://support.hp.com/us-en/document/ish_12781425-12781447-16/hbsbpy04037 - () https://support.hp.com/us-en/document/ish_12781425-12781447-16/hbsbpy04037 - Vendor Advisory

25 Jul 2025, 15:29

Type Values Removed Values Added
Summary
  • (es) Se ha identificado una posible vulnerabilidad de seguridad en Poly Clariti Manager para versiones anteriores a la 10.12.1. Esta vulnerabilidad podría permitir el uso y la recuperación de la contraseña predeterminada. HP ha solucionado el problema en la última actualización de software.

23 Jul 2025, 00:15

Type Values Removed Values Added
CWE CWE-1393
Summary (en) A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the use and retrieval of the default password. HP has addressed the issue in the latest software update. (en) A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the use and retrieval of the default password. HP has addressed the issue in the latest software update.

22 Jul 2025, 23:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-07-22 23:15

Updated : 2025-10-02 17:44

NVD link : CVE-2025-43021

Mitre link : CVE-2025-43021

CVE.ORG link : CVE-2025-43021

JSON object : View

Products Affected

hp

  • poly_clariti_manager
CWE
CWE-1393

Use of Default Password