ID CVE-2014-2623
Summary Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown vectors. Per: https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04373818-2%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken "HP Storage Data Protector v8.X running on Windows 2003/2008/7/8"
References
Vulnerable Configurations
  • cpe:2.3:a:hp:storage_data_protector:8.0:-:*:*:*:windows_7:*:*
    cpe:2.3:a:hp:storage_data_protector:8.0:-:*:*:*:windows_7:*:*
  • cpe:2.3:a:hp:storage_data_protector:8.0:-:*:*:*:windows_8:*:*
    cpe:2.3:a:hp:storage_data_protector:8.0:-:*:*:*:windows_8:*:*
  • cpe:2.3:a:hp:storage_data_protector:8.0:-:*:*:*:windows_server_2003:*:*
    cpe:2.3:a:hp:storage_data_protector:8.0:-:*:*:*:windows_server_2003:*:*
  • cpe:2.3:a:hp:storage_data_protector:8.0:-:*:*:*:windows_server_2008:*:*
    cpe:2.3:a:hp:storage_data_protector:8.0:-:*:*:*:windows_server_2008:*:*
  • cpe:2.3:a:hp:storage_data_protector:8.10:-:*:*:*:windows_7:*:*
    cpe:2.3:a:hp:storage_data_protector:8.10:-:*:*:*:windows_7:*:*
  • cpe:2.3:a:hp:storage_data_protector:8.10:-:*:*:*:windows_8:*:*
    cpe:2.3:a:hp:storage_data_protector:8.10:-:*:*:*:windows_8:*:*
  • cpe:2.3:a:hp:storage_data_protector:8.10:-:*:*:*:windows_server_2003:*:*
    cpe:2.3:a:hp:storage_data_protector:8.10:-:*:*:*:windows_server_2003:*:*
  • cpe:2.3:a:hp:storage_data_protector:8.10:-:*:*:*:windows_server_2008:*:*
    cpe:2.3:a:hp:storage_data_protector:8.10:-:*:*:*:windows_server_2008:*:*
CVSS
Base: 10.0 (as of 07-01-2017 - 02:59)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
exploit-db
  • 34066
  • 35961
  • 36304
hp
  • HPSBMU03072
  • SSRT101644
misc http://packetstormsecurity.com/files/130658/HP-Data-Protector-8.10-Remote-Command-Execution.html
osvdb 109069
sectrack 1030583
saint via4
  • bid 68672
    description HP Data Protector Windows Unauthenticated Remote Code Execution
    id net_openview_hpdataprot
    osvdb 109069
    title hp_data_protector_perl
    type remote
  • bid 68672
    description HP Data Protector Unauthenticated Remote Code Execution
    id net_openview_hpdataprot
    osvdb 109069
    title hp_data_protector_tesertest
    type remote
Last major update 07-01-2017 - 02:59
Published 18-07-2014 - 00:55
Last modified 07-01-2017 - 02:59
Back to Top