Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Title HP StorageWorks Modular Smart Array P2000 G3, Remote Execution of Arbitrary Code
Name HPSBST02735 SSRT100516 First vendor Publication 2012-01-13
Vendor HP Last vendor Modification 2012-01-13
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores


A potential security vulnerability has been identified with HP StorageWorks Modular Smart Array P2000 G3. This vulnerability could be exploited to allow remote execution of arbitrary code.

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03153338

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

Hardware 1
Hardware 1
Hardware 1

OpenVAS Exploits

Date Description
2012-02-21 Name : HP StorageWorks Default Accounts and Directory Traversal Vulnerabilities
File : nvt/gb_hp_storageworks_51399.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
78307 HP StorageWorks P2000 G3 URI Traversal Arbitrary File Access

Nessus® Vulnerability Scanner

Date Description
1999-11-05 Name : The remote web server is affected by a directory traversal vulnerability.
File : web_traversal.nasl - Type : ACT_ATTACK