Directory Traversal Vulnerability in HP OpenView Storage Data Protector
CVE-2011-1736

Currently unrated

Key Information:

Vendor: HP
Status: Openview Storage Data Protector
Vendor: CVE Published:; 7 May 2011

Summary

A directory traversal vulnerability exists in OmniInet.exe within the Backup Client Service of HP OpenView Storage Data Protector. This flaw enables remote attackers to exploit directory traversal sequences in a filename sent via a GET_FILE message. As a result, unauthorized access to sensitive files on the server can occur, potentially leading to exposure of critical information. Users are urged to apply necessary updates and implement security measures to mitigate the risks associated with this vulnerability.

References

http://www.securityfocus.com/archive/1/517772/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://osvdb.org/72195

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/47638

vdb-entryx_refsource_BID

EPSS Score

29% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 7, 2011
Vulnerability Reserved
Apr 19, 2011