CVE-2017-13985

MEDIUM

HPE BSM Platform Application Performance Management System Health 9.26, 9.30, 9.40 - Path Traversal

Title source: llm
STIX 2.1

Description

An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to traverse directory leading to disclosure of information.

References (3)

Core 3
Core References
Third Party Advisory x_refsource_misc
http://zerodayinitiative.com/advisories/ZDI-17-721/
Vendor Advisory x_refsource_confirm
https://softwaresupport.hpe.com/km/KM02942065
Various Sources third-party-advisory x_refsource_auscert
https://www.auscert.org.au/bulletins/52154

Scores

CVSS v3 6.5
EPSS 0.0045
EPSS Percentile 63.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-22
Status published
Products (3)
hp/bsm_platform_application_performance_management_system_health 9.26
hp/bsm_platform_application_performance_management_system_health 9.30
hp/bsm_platform_application_performance_management_system_health 9.40
Published Sep 30, 2017
Tracked Since Feb 18, 2026