CVE-2014-2610
published 2014-06-19CVE-2014-2610: Directory traversal vulnerability in the Content Acceleration Pack (CAP) web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated…
PriorityP338high7.1CVSS 2.0
AVNACHAuSCCICAC
EPSS
5.30%
91.6th percentile
Directory traversal vulnerability in the Content Acceleration Pack (CAP) web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code by uploading an executable file, aka ZDI-CAN-2117.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hp | executive_scorecard | — | — |
| hp | executive_scorecard | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/59363http://www.securityfocus.com/bid/68093http://www.securitytracker.com/id/1030439http://zerodayinitiative.com/advisories/ZDI-14-209/https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04341295http://secunia.com/advisories/59363http://www.securityfocus.com/bid/68093http://www.securitytracker.com/id/1030439http://zerodayinitiative.com/advisories/ZDI-14-209/https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04341295
2014-06-19
Published