CVE-2017-13984

Published Sep 30, 2017

Last updated a year ago

Overview

Description
An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to delete arbitrary files via servlet directory traversal.
Source
security@opentext.com
NVD status
Modified

Risk scores

CVSS 3.0

Type
Primary
Base score
6.5
Impact score
3.6
Exploitability score
2.8
Vector string
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Severity
MEDIUM

CVSS 2.0

Type
Primary
Base score
5.5
Impact score
4.9
Exploitability score
8
Vector string
AV:N/AC:L/Au:S/C:N/I:P/A:P

Weaknesses

nvd@nist.gov
CWE-287

Social media

Hype score
Not currently trending

Configurations