Directory Traversal Vulnerability in HP Network Virtualization
CVE-2014-2626

Currently unrated

Key Information:

Vendor: HP
Status: Network Virtualization
Vendor: CVE Published:; 26 July 2014

Summary

The directory traversal vulnerability found in the toServerObject function of HP Network Virtualization 8.6 enables remote attackers to craft specific input that can lead to unauthorized file creation on the affected system. This flaw can potentially allow attackers to execute arbitrary code, posing significant risks to system integrity and confidentiality. It is essential for users of HP Network Virtualization to apply necessary patches and implement security measures to mitigate this risk.

References

http://www.securitytracker.com/id/1030624

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/60418

third-party-advisoryx_refsource_SECUNIA

http://zerodayinitiative.com/advisories/ZDI-14-268/

x_refsource_MISC

EPSS Score

51% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 26, 2014
Vulnerability Reserved
Mar 24, 2014