CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
97.6%
Added: 02/10/2015
CVE: CVE-2014-2623
BID: 68672
OSVDB: 109069
HP Data Protector is a backup solution for enterprise and distributed environments. Data Protector Manager listens on port 5555/TCP.
HP Data Protector is vulnerable to remote unauthenticated arbitrary command execution when processing specially crafted commands received on port 5555/TCP.
Enable Encrypted Control Communications (ECC) services on the cell server and all of the clients in cell as described in HP Security Bulletin HPSBMU03072.
<https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04373818>
Exploit works on HP Data Protector 8.x on IA64 HP Server Rx3600.