CVE-2017-14355

HIGH

HPE Connected Backup <8.8.6 - Privilege Escalation

Title source: llm

Description

A potential security vulnerability has been identified in HPE Connected Backup versions 8.6 and 8.8.6. The vulnerability could be exploited locally to allow escalation of privilege.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Peter Lapp · pythonlocalwindows

https://www.exploit-db.com/exploits/43857

View Code ZIP pw:eip

References (4)

[Vendor Advisory] https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02987868

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/101270

[Mailing List] http://seclists.org/bugtraq/2017/Oct/23

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/43857/

Scores

CVSS v3 7.8

EPSS 0.0035

EPSS Percentile 57.6%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (2)

microfocus/connected_backup 8.6

microfocus/connected_backup 8.8.6

Published Dec 05, 2017

Tracked Since Feb 18, 2026