Lucene search
HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-3574
cve
2013
3574
path traversal
vulnerability
hp insight diagnostics
remote attackers
arbitrary files
nvd
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:C/A:N
6.9 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
77.2%
Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath (aka mount) parameter.
Affected configurations
Node
hpinsight_diagnosticsMatch9.4.0.4710
| CPE | Name | Operator | Version |
|---|---|---|---|
| hp:insight_diagnostics | hp insight diagnostics | eq | 9.4.0.4710 |
References
Related
prion
prion
Path traversal
2013-06-14 13:07:00
cvelist
cvelist
CVE-2013-3574
2022-10-03 16:14:44
nvd
nvd
CVE-2013-3574
2013-06-14 13:07:29
threatpost
threatpost
Three Vulnerabilities Exist in HP's Insight Diagnostics
2013-06-10 13:47:25
attackerkb
attackerkb
HP Insight Diagnostics 8.20 b2878 multiple vulnerabilities
2013-06-14 00:00:00
cert
cert
HP Insight Diagnostics 8.20 b2878 multiple vulnerabilities
2013-06-10 00:00:00
kaspersky
kaspersky
KLA10188 Multiple vulnerabilities in HP Insight Diagnostics
2013-06-14 00:00:00
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:C/A:N
6.9 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
77.2%
Related for CVE-2013-3574