KLA10188
Multiple vulnerabilities in HP Insight Diagnostics

Multiple critical vulnerabilities have been found in HP Insight Diagnostics. Malicious users can exploit these vulnerabilities to inject code or write local files. Below is a complete list of vulnerabilities

1. Improper PHP include restrictions can be exploited via a path parameter;
2. A path traversal vulnerability can be exploited remotely via a devicePath parameter;
3. Unknown vectors can be exploited remotely.

HP Insight Diagnostics version 9.4.0.4710

Update to latest version