3 matches found
CVE-2014-2626
CVE-2014-2626 affects HP Network Virtualization / Shunra Network Virtualization 8.6. The vulnerability is in the toServerObject function, caused by insufficient input validation that enables directory traversal. An unauthenticated remote attacker can craft HTTP requests to write arbitrary files (...
CVE-2015-2121
CVE-2015-2121 affects HP Network Virtualization for LoadRunner and Performance Center (versions 11.52 and 8.61). The root cause is failure to sanitize filenames in URLs handled by HttpServlet and NetworkEditorController, allowing remote attackers to read arbitrary files. This information-disclosu...
CVE-2014-2625
Affected product/Version: HP Network Virtualization 8.6 (Shunra Network Virtualization). Vulnerability: storedNtxFile directory traversal due to insufficient input validation, enabling a remote, unauthenticated attacker to read arbitrary files on the vulnerable system. Root cause: improper saniti...