Directory Traversal Vulnerability in HP Network Virtualization Software
CVE-2014-2625

Currently unrated

Key Information:

Vendor: HP
Status: Network Virtualization
Vendor: CVE Published:; 26 July 2014

What is CVE-2014-2625?

A directory traversal vulnerability exists in the storedNtxFile function of HP Network Virtualization, specifically version 8.6. This security flaw enables remote attackers to manipulate input, granting them the ability to read arbitrary files from the server's file system. This could lead to potential exposure of sensitive information and unauthorized access to critical system files, compromising the integrity and confidentiality of the system.

References

http://www.securitytracker.com/id/1030624

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/60418

third-party-advisoryx_refsource_SECUNIA

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

EPSS Score

11% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 26, 2014
Vulnerability Reserved
Mar 24, 2014