CVE-2014-2611

Currently unrated

Key Information:

Vendor
HP
Status
Executive Scorecard
Vendor
CVE Published:
19 June 2014

Summary

Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120.

References

http://secunia.com/advisories/59363
third-party-advisoryx_refsource_SECUNIA
http://zerodayinitiative.com/advisories/ZDI-14-210/
x_refsource_MISC
http://www.securityfocus.com/bid/68093
vdb-entryx_refsource_BID

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.