Remote Access Vulnerability in HP StoreOnce D2D Backup System
CVE-2013-2342

Currently unrated

Key Information:

Vendor: HP
Status: Storeonce D2d
Vendor: CVE Published:; 30 June 2013

Summary

The HP StoreOnce D2D backup system prior to version 3.0.0 is vulnerable due to the presence of a hardcoded default password for the HPSupport account. This weakness permits remote attackers to gain administrative access via SSH, potentially allowing them to delete sensitive data and compromise the integrity of the backup system.

References

http://www.lolware.net/hpstorage.html

x_refsource_MISC

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 30, 2013