Remote File Upload Vulnerability in HPE Version Control Repository Manager
CVE-2016-8515

8.8HIGH

Key Information:

Vendor: HP
Status: Version Control Repository Manager (vcrm)
Vendor: CVE Published:; 15 February 2018

Summary

A remote file upload vulnerability in HPE Version Control Repository Manager allows attackers to upload malicious files to the server. This issue affects all versions prior to 7.6, exposing systems to potential unauthorized access and exploitation.

Affected Version(s)

Version Control Repository Manager (VCRM) All versions prior to 7.6

References

https://support.hpe.com/hpsc/doc/public/display?docId=emr...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1037485

vdb-entryx_refsource_SECTRACK

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/do...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 15, 2018
Vulnerability Reserved
Oct 7, 2016