Directory Traversal Vulnerability in HPE BSM Platform Application Performance Management System
CVE-2017-13982

8.8HIGH

Key Information:

Vendor
HP
Status
Bsm Platform Application Performance Management System Health
Vendor
CVE Published:
30 September 2017

Summary

A directory traversal vulnerability exists in the HPE BSM Platform Application Performance Management System that affects versions 9.26, 9.30, and 9.40. This flaw allows an attacker to upload unrestricted files, potentially compromising the security of the system and its data. Proper validation and restrictions are essential to mitigate such vulnerabilities and protect against unauthorized access and potential exploitation.

References

https://softwaresupport.hpe.com/km/KM02942065
x_refsource_CONFIRM
https://www.auscert.org.au/bulletins/52154
third-party-advisoryx_refsource_AUSCERT
http://www.zerodayinitiative.com/advisories/ZDI-17-719/
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.