9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.02 Low
EPSS
Percentile
88.6%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard IT Executive Scorecard. Authentication is required to exploit this vulnerability. The specific flaw exists within the fndwar web application. A directory traversal vulnerability can be leveraged to create an arbitrary delete or disclose information. This can allow for a remote attacker to execute code under the context of the SYSTEM user.