Lucene search
CertccCVE-2013-3574HistoryJun 14, 2013 - 1:07 p.m.
CVE-2013-3574
2013-06-1413:07:29
CWE-20
certcc
web.nvd.nist.gov
34
cve
2013
3574
path traversal
vulnerability
hp insight diagnostics
remote attackers
arbitrary files
nvd
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:C/A:N
AI Score
6.9
Confidence
Low
EPSS
0.004
Percentile
73.2%
Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath (aka mount) parameter.
Affected configurations
Node
hpinsight_diagnosticsMatch9.4.0.4710
| Vendor | Product | Version | CPE |
|---|---|---|---|
| hp | insight_diagnostics | 9.4.0.4710 | cpe:2.3:a:hp:insight_diagnostics:9.4.0.4710:*:*:*:*:*:*:* |
References
Related
exploitdb
exploitdb
HP Insight Diagnostics - Remote Code Injection
2013-06-10 00:00:00
prion
prion
Path traversal
2013-06-14 13:07:00
cvelist
cvelist
CVE-2013-3574
2013-06-14 10:00:00
nvd
nvd
CVE-2013-3574
2013-06-14 13:07:29
threatpost
threatpost
Three Vulnerabilities Exist in HP's Insight Diagnostics
2013-06-10 13:47:25
attackerkb
attackerkb
HP Insight Diagnostics 8.20 b2878 multiple vulnerabilities
2013-06-14 00:00:00
cert
cert
HP Insight Diagnostics 8.20 b2878 multiple vulnerabilities
2013-06-10 00:00:00
kaspersky
kaspersky
KLA10188 Multiple vulnerabilities in HP Insight Diagnostics
2013-06-14 00:00:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:C/A:N
AI Score
6.9
Confidence
Low
EPSS
0.004
Percentile
73.2%
Related for CVE-2013-3574