Lucene search
HistoryNov 14, 2014 - 12:59 a.m.
CVE-2014-7878
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.6
Confidence
Low
EPSS
0.062
Percentile
93.6%
The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers’ installations, which allows remote attackers to execute arbitrary code by leveraging these keys for a connection.
Affected configurations
Node
hphelion_cloud_development_platformMatch1.0commercial
ORhphelion_cloud_development_platformMatch1.0community
| Vendor | Product | Version | CPE |
|---|---|---|---|
| hp | helion_cloud_development_platform | 1.0 | cpe:2.3:a:hp:helion_cloud_development_platform:1.0:*:*:*:commercial:*:*:* |
| hp | helion_cloud_development_platform | 1.0 | cpe:2.3:a:hp:helion_cloud_development_platform:1.0:*:*:*:community:*:*:* |
Related
prion
prion
Code injection
2014-11-14 00:59:00
securityvulns
securityvulns
cve
cve
CVE-2014-7878
2014-11-14 00:59:02
cvelist
cvelist
CVE-2014-7878
2014-11-14 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.6
Confidence
Low
EPSS
0.062
Percentile
93.6%
Related for NVD:CVE-2014-7878