CVE-2014-7878
HP Helion Cloud Development Platform 1.0 - Remote Code Execution via Shared Security Keys
Title source: llmDescription
The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers' installations, which allows remote attackers to execute arbitrary code by leveraging these keys for a connection.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
x_refsource_hp
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04500238
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/98636
Scores
EPSS
0.2881
EPSS Percentile
96.6%
Details
CWE
CWE-310
Status
published
Products (1)
hp/helion_cloud_development_platform
1.0 (2 CPE variants)
Published
Nov 14, 2014
Tracked Since
Feb 18, 2026