Directory Traversal Vulnerability in HP Executive Scorecard by HP
CVE-2014-2610

Currently unrated

Key Information:

Vendor: HP
Status: Executive Scorecard
Vendor: CVE Published:; 19 June 2014

Summary

A directory traversal vulnerability exists within the Content Acceleration Pack (CAP) web application in HP Executive Scorecard versions 9.40 and 9.41. This vulnerability allows authenticated remote users to upload executable files, potentially leading to arbitrary code execution. Attackers can exploit this weakness to gain unauthorized access to the system and execute malicious code, highlighting the importance of securing vulnerable applications.

References

http://secunia.com/advisories/59363

third-party-advisoryx_refsource_SECUNIA

http://zerodayinitiative.com/advisories/ZDI-14-209/

x_refsource_MISC

http://www.securityfocus.com/bid/68093

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jun 19, 2014
Vulnerability Reserved
Mar 24, 2014