CyberSec.Space Logo
Back to CVE Browser

CVE-2011-4788

HIGH
7.8
CVSS Severity Score
EPSS Score0.1330%
EPSS Percentile24.12th
PublishedJan 13, 2012
Last ModifiedApr 29, 2026

Vulnerability Description

Absolute path traversal vulnerability in the web interface on HP StorageWorks P2000 G3 MSA array systems allows remote attackers to read arbitrary files via a pathname in the URI.

Affected Platforms (CPE)

πŸ”Œ
Hp

Storageworks P2000 G3 Msa Fc\/iscsi Dual Combo Controller Lff Array System

= aw567a
πŸ”Œ
Hp

Storageworks P2000 G3 Msa Fibre Channel Dual Controller Lff Array System

= ap845a
πŸ”Œ
Hp

Storageworks P2000 G3 Msa Fibre Channel Dual Controller Sff Array System

= ap846a

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2012-01/0088.html
πŸ”— http://marc.info/?l=bugtraq&m=132672509901841&w=2
πŸ”— http://zerodayinitiative.com/advisories/ZDI-12-015/
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2012-01/0088.html
πŸ”— http://marc.info/?l=bugtraq&m=132672509901841&w=2
πŸ”— http://zerodayinitiative.com/advisories/ZDI-12-015/

Related Vulnerabilities

CVE-2011-349510.0

Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to re...

CVE-2011-349610.0

service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacte...

CVE-2011-007510.0

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before...

CVE-2011-035410.0

The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with software before T...