CyberSec.Space Logo
返回 CVE 浏览器

CVE-2011-4788

HIGH
7.8
CVSS Severity Score
EPSS Score0.1330%
EPSS Percentile24.12th
Published2012年1月13日
Last Modified2026年4月29日

Vulnerability Description

Absolute path traversal vulnerability in the web interface on HP StorageWorks P2000 G3 MSA array systems allows remote attackers to read arbitrary files via a pathname in the URI.

Affected Platforms (CPE)

🔌
Hp

Storageworks P2000 G3 Msa Fc\/iscsi Dual Combo Controller Lff Array System

= aw567a
🔌
Hp

Storageworks P2000 G3 Msa Fibre Channel Dual Controller Lff Array System

= ap845a
🔌
Hp

Storageworks P2000 G3 Msa Fibre Channel Dual Controller Sff Array System

= ap846a

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2012-01/0088.html
🔗 http://marc.info/?l=bugtraq&m=132672509901841&w=2
🔗 http://zerodayinitiative.com/advisories/ZDI-12-015/
🔗 http://archives.neohapsis.com/archives/bugtraq/2012-01/0088.html
🔗 http://marc.info/?l=bugtraq&m=132672509901841&w=2
🔗 http://zerodayinitiative.com/advisories/ZDI-12-015/

相关漏洞威胁

CVE-2011-007510.0

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before...

CVE-2011-349510.0

Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to re...

CVE-2011-262810.0

Opera before 11.11 does not properly implement FRAMESET elements, which allows remote attackers to execute arbitrary code or cause...

CVE-2011-349610.0

service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacte...