Directory Traversal Vulnerabilities in HP Data Protector's Cell Request Service
CVE-2014-5160
Currently unrated
What is CVE-2014-5160?
HP Data Protector's Cell Request Service has multiple directory traversal vulnerabilities that allow remote attackers to manipulate files on the system. By exploiting an opcode-1091 request, attackers may create arbitrary files, while opcode-305 requests can be used to create or delete files. Although the vendor claims this behavior is by design, the implications for security are significant, making this a concern for users of the product.