4 results (0.007 seconds)

CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0

A directory traversal vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows users to upload unrestricted files. Una vulnerabilidad de salto de directorio en HPE BSM Platform Application Performance Management System Health en versiones 9.26, 9.30 y 9.40 permite que los usuarios suban archivos sin restricción. This vulnerability allows remote attackers to create arbitrary files on vulnerable installations of Hewlett Packard Enterprise Application Performance Management System Health. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the UploadManager servlet, which listens on TCP port 18080 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. • http://www.securityfocus.com/bid/101199 http://www.zerodayinitiative.com/advisories/ZDI-17-719 https://softwaresupport.hpe.com/km/KM02942065 https://www.auscert.org.au/bulletins/52154 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 10.0EPSS: 23%CPEs: 3EXPL: 0

An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to bypass authentication. Una vulnerabilidad de autenticación en HPE BSM Platform Application Performance Management System Health en versiones 9.26, 9.30 y 9.40 permite que los usuarios remotos omitan la autenticación. This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Hewlett Packard Enterprise Application Performance Management System Health. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the System Health service, which listens on TCP port 18080 by default. By submitting a crafted request, an attacker can bypass authentication to access the web application. • http://www.zerodayinitiative.com/advisories/ZDI-17-722 https://softwaresupport.hpe.com/km/KM02942065 https://www.auscert.org.au/bulletins/52154 • CWE-287: Improper Authentication •

CVSS: 6.8EPSS: 1%CPEs: 3EXPL: 0

An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to delete arbitrary files via servlet directory traversal. Una vulnerabilidad de autenticación en HPE BSM Platform Application Performance Management System Health en versiones 9.26, 9.30 y 9.40 permite que los usuarios remotos eliminen archivos arbitrarios mediante un salto de directorio servlet. This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Hewlett Packard Enterprise Application Performance Management System Health. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SHExportToExcel servlet, which listens on TCP port 18080 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. • http://www.zerodayinitiative.com/advisories/ZDI-17-720 https://softwaresupport.hpe.com/km/KM02942065 https://www.auscert.org.au/bulletins/52154 • CWE-287: Improper Authentication •

CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0

An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to traverse directory leading to disclosure of information. Una vulnerabilidad de autenticación en HPE BSM Platform Application Performance Management System Health en versiones 9.26, 9.30 y 9.40 permite que los usuarios remotos salten directorios, lo que conduce a una divulgación de información. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Hewlett Packard Enterprise Application Performance Management System Health. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Email servlet, which listens on TCP port 18080 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. • http://zerodayinitiative.com/advisories/ZDI-17-721 https://softwaresupport.hpe.com/km/KM02942065 https://www.auscert.org.au/bulletins/52154 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •