CVE-2020-24625

Unathenticated directory traversal in the ReceiverServlet class doGet method can lead to arbitrary file reads in HPE Pay Per Use PPU Utility Computing Service UCS Meter version 1.9...

HPE Pay Path Traversal Vulnerability (CNVD-2021-18035)

Hewlett Packard Enterprise, HPE HPE PPU service is a pay-per-use network service from Hewlett Packard Enterprise HPE in the United States. A path traversal vulnerability exists in HPE Pay prior to version 1.9 that originates in the doPost method of the ReceiverServlet class of PPU and UCS. An...

CVE-2020-24625

Unathenticated directory traversal in the ReceiverServlet class doGet method can lead to arbitrary file reads in HPE Pay Per Use PPU Utility Computing Service UCS Meter version 1.9...

Directory traversal

Unathenticated directory traversal in the ReceiverServlet class doGet method can lead to arbitrary file reads in HPE Pay Per Use PPU Utility Computing Service UCS Meter version 1.9...

CVE-2020-24625

Summary: CVE-2020-24625 is an unauthenticated directory traversal vulnerability in the ReceiverServlet doGet() of Hewlett Packard Enterprise Pay per Use (PPU) Utility Computing Service (UCS) Meter, up to version 1.9 (vulnerability exists prior to 1.9). The root cause is lack of proper validation ...

(0Day) Hewlett Packard Enterprise Pay per use UCS Meter ReceiverServlet doGet Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise Pay per use UCS Meter. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ReceiverServlet class. The issue results fr...

(0Day) Hewlett Packard Enterprise Pay per use UCS Meter ReceiverServlet doPost Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Pay per use UCS Meter. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ReceiverServlet class. The issue results from the...