CVE-2014-2623
critical
CVSS v3
—
CVSS v2
10.0
VIR risk
10.0
Description
Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown vectors.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| hp | storage_data_protector | 8.0 | |
| hp | storage_data_protector | 8.10 | |
References
- http://packetstormsecurity.com/files/130658/HP-Data-Protector-8.10-Remote-Command-Execution.html
- http://www.exploit-db.com/exploits/34066/
- http://www.exploit-db.com/exploits/35961
- http://www.exploit-db.com/exploits/36304
- http://www.osvdb.org/109069
- http://www.securitytracker.com/id/1030583
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04373818
- http://packetstormsecurity.com/files/130658/HP-Data-Protector-8.10-Remote-Command-Execution.html
- http://www.exploit-db.com/exploits/34066/
- http://www.exploit-db.com/exploits/35961
- http://www.exploit-db.com/exploits/36304
- http://www.osvdb.org/109069
- http://www.securitytracker.com/id/1030583
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04373818
Verify integrity in audit chain (admin only). AS-IS.