Описание
Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120.
Ссылки
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:hp:executive_scorecard:9.40:*:*:*:*:*:*:*
cpe:2.3:a:hp:executive_scorecard:9.41:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02427
Низкий
9 Critical
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
больше 3 лет назад
Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120.
EPSS
Процентиль: 85%
0.02427
Низкий
9 Critical
CVSS2
Дефекты
CWE-22