Hp Executive Scorecard vulnerabilities
3 known vulnerabilities affecting hp/executive_scorecard.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1
Vulnerabilities
Page 1 of 1
CVE-2014-2609P2CRITICALCVSS 10.0v9.40v9.412014-06-19
CVE-2014-2609 [CRITICAL] CWE-287 CVE-2014-2609: The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentica
The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116.
nvd
CVE-2014-2611P3CRITICALCVSS 9.0v9.40v9.412014-06-19
CVE-2014-2611 [CRITICAL] CWE-22 CVE-2014-2611: Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9
Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120.
nvd
CVE-2014-2610P3HIGHCVSS 7.1v9.40v9.412014-06-19
CVE-2014-2610 [HIGH] CWE-22 CVE-2014-2610: Directory traversal vulnerability in the Content Acceleration Pack (CAP) web application in HP Execu
Directory traversal vulnerability in the Content Acceleration Pack (CAP) web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code by uploading an executable file, aka ZDI-CAN-2117.
nvd