Directory Traversal Vulnerability in HP Executive Scorecard Web Application
CVE-2014-2611

Currently unrated

Key Information:

Vendor
HP
Status
Executive Scorecard
Vendor
CVE Published:
19 June 2014

Summary

A directory traversal vulnerability exists in the web application of HP Executive Scorecard 9.40 and 9.41, which allows remote authenticated users to potentially execute arbitrary code, access sensitive information, or delete data by exploiting unspecified vectors. This vulnerability highlights the critical need for robust web application security measures to prevent unauthorized actions within the platform.

References

http://secunia.com/advisories/59363
third-party-advisoryx_refsource_SECUNIA
http://zerodayinitiative.com/advisories/ZDI-14-210/
x_refsource_MISC
http://www.securityfocus.com/bid/68093
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.