Hewlett-Packard IT Executive Scorecard CAP File Upload Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard IT Executive Scorecard. Authentication is required to exploit this vulnerability. The specific flaw exists within the Content Acceleration Pack web application code. A file upload directory traversal vulnerability can be leveraged to execute code under the context of the SYSTEM user.