Remote Code Execution Vulnerability in HP Storage Data Protector
CVE-2014-2623

Currently unrated

Key Information:

Vendor: HP
Status: Storage Data Protector
Vendor: CVE Published:; 18 July 2014

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 89%

What is CVE-2014-2623?

A vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code through unspecified vectors. The exploitation of this vulnerability could lead to significant risks, including unauthorized access and manipulation of stored data. Users are advised to review security patches and updates from HP to mitigate potential threats.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2014-2623 - Proof of Concept

References

http://www.exploit-db.com/exploits/34066/

exploitx_refsource_EXPLOIT-DB

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

http://www.osvdb.org/109069

vdb-entryx_refsource_OSVDB

EPSS Score

89% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Jul 18, 2014
👾
Exploit known to exist
Jul 18, 2014
Vulnerability published
Jul 18, 2014
Vulnerability Reserved
Mar 24, 2014

CVE-2014-2623 Data

JSON