Authentication Flaw in HPE BSM Platform Application Performance Management System
CVE-2017-13985

6.5MEDIUM

Key Information:

Vendor
HP
Status
Bsm Platform Application Performance Management System Health
Vendor
CVE Published:
30 September 2017

Summary

An authentication vulnerability exists in HPE's BSM Platform Application Performance Management System that could allow remote users to exploit directory traversal, potentially leading to the unauthorized disclosure of sensitive information. This issue affects specific versions of the product, highlighting the importance of timely updates and robust security measures.

References

http://zerodayinitiative.com/advisories/ZDI-17-721/
x_refsource_MISC
https://softwaresupport.hpe.com/km/KM02942065
x_refsource_CONFIRM
https://www.auscert.org.au/bulletins/52154
third-party-advisoryx_refsource_AUSCERT

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.