CVE-2017-13985

6.5MEDIUM

Key Information:

Vendor: HP
Status: Bsm Platform Application Performance Management System Health
Vendor: CVE Published:; 30 September 2017

Summary

An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to traverse directory leading to disclosure of information.

References

http://zerodayinitiative.com/advisories/ZDI-17-721/

x_refsource_MISC

https://softwaresupport.hpe.com/km/KM02942065

x_refsource_CONFIRM

https://www.auscert.org.au/bulletins/52154

third-party-advisoryx_refsource_AUSCERT

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 30, 2017
Vulnerability Reserved
Aug 30, 2017