CyberSec.Space Logo
Back to CVE Browser

CVE-2011-4788

HIGH
7.8
CVSS Severity Score
EPSS Score0.1330%
EPSS Percentile24.12th
PublishedJan 13, 2012
Last ModifiedApr 29, 2026

Vulnerability Description

Absolute path traversal vulnerability in the web interface on HP StorageWorks P2000 G3 MSA array systems allows remote attackers to read arbitrary files via a pathname in the URI.

Affected Platforms (CPE)

πŸ”Œ
Hp

Storageworks P2000 G3 Msa Fc\/iscsi Dual Combo Controller Lff Array System

= aw567a
πŸ”Œ
Hp

Storageworks P2000 G3 Msa Fibre Channel Dual Controller Lff Array System

= ap845a
πŸ”Œ
Hp

Storageworks P2000 G3 Msa Fibre Channel Dual Controller Sff Array System

= ap846a

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2012-01/0088.html
πŸ”— http://marc.info/?l=bugtraq&m=132672509901841&w=2
πŸ”— http://zerodayinitiative.com/advisories/ZDI-12-015/
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2012-01/0088.html
πŸ”— http://marc.info/?l=bugtraq&m=132672509901841&w=2
πŸ”— http://zerodayinitiative.com/advisories/ZDI-12-015/

Related Vulnerabilities

CVE-2011-190010.0

Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 6.1 and 7.x before 7.0+Patch 1 allows remote attackers to ...

CVE-2011-105410.0

Unspecified vulnerability in the PEF input file loader in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors.

CVE-2011-005810.0

Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote at...

CVE-2011-073210.0

Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1, as used in IBM Tivoli Common Reporting (TCR) 1...