Vulnerability Details CVE-2011-4788
Absolute path traversal vulnerability in the web interface on HP StorageWorks P2000 G3 MSA array systems allows remote attackers to read arbitrary files via a pathname in the URI.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.1%
CVSS Severity
CVSS v2 Score 7.8
References
- http://archives.neohapsis.com/archives/bugtraq/2012-01/0088.html
- http://marc.info/?l=bugtraq&m=132672509901841&w=2
- http://marc.info/?l=bugtraq&m=132672509901841&w=2
- http://zerodayinitiative.com/advisories/ZDI-12-015/
- http://archives.neohapsis.com/archives/bugtraq/2012-01/0088.html
- http://marc.info/?l=bugtraq&m=132672509901841&w=2
- http://marc.info/?l=bugtraq&m=132672509901841&w=2
- http://zerodayinitiative.com/advisories/ZDI-12-015/
Products affected by CVE-2011-4788
-
cpe:2.3:h:hp:storageworks_p2000_g3_msa_fc/iscsi_dual_combo_controller_lff_array_system:aw567a
-
cpe:2.3:h:hp:storageworks_p2000_g3_msa_fibre_channel_dual_controller_lff_array_system:ap845a
-
cpe:2.3:h:hp:storageworks_p2000_g3_msa_fibre_channel_dual_controller_sff_array_system:ap846a