Описание
Unathenticated directory traversal in the DownloadServlet class execute() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:hpe:utility_computing_service_meter:1.9:*:*:*:pay_per_use:*:*:*
EPSS
Процентиль: 62%
0.00423
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
больше 3 лет назад
Unathenticated directory traversal in the DownloadServlet class execute() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.
EPSS
Процентиль: 62%
0.00423
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-22