CVE-2014-2617
EXPLOITEDHP Universal Configuration Management Database 10.01 and 10.10 - Remote Code Execution and Information Disclosure
Title source: llmExploitation Summary
CVE-2014-2617 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2104.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030518
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/68363
Vendor Advisory vendor-advisory
x_refsource_hp
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04357076
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/58912
Scores
EPSS
0.4120
EPSS Percentile
97.4%
Details
VulnCheck KEV
2021-04-12
Status
published
Products (2)
hp/universal_configuration_management_database
10.01
hp/universal_configuration_management_database
10.10
Published
Jul 07, 2014
Tracked Since
Feb 18, 2026