KLA10188
Multiple vulnerabilities in HP Insight Diagnostics
Updated: 01/24/2020
Detect date
?
06/14/2013
Severity
?
Critical
Description

Multiple critical vulnerabilities have been found in HP Insight Diagnostics. Malicious users can exploit these vulnerabilities to inject code or write local files. Below is a complete list of vulnerabilities

  1. Improper PHP include restrictions can be exploited via a path parameter;
  2. A path traversal vulnerability can be exploited remotely via a devicePath parameter;
  3. Unknown vectors can be exploited remotely.
Affected products

HP Insight Diagnostics version 9.4.0.4710

Solution

Update to latest version

Impacts
?
CI 
[?]

WLF 
[?]
Related products
HP Insight Diagnostics
CVE-IDS
?
CVE-2013-357310.0Critical
CVE-2013-35747.8Critical
CVE-2013-35755.0Critical