10
CVE-2017-14350
- EPSS 1.13%
- Veröffentlicht 30.09.2017 01:29:01
- Zuletzt bearbeitet 20.04.2025 01:37:25
- Quelle security@opentext.com
- CVE-Watchlists
- Unerledigt
LoginA potential security vulnerability has been identified in HPE Application Performance Management (BSM) Platform versions 9.26, 9.30, 9.40. The vulnerability could be remotely exploited to allow code execution.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hp ≫ Application Performance Management Version9.26
Hp ≫ Application Performance Management Version9.30
Hp ≫ Application Performance Management Version9.40
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.13% | 0.774 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-306 Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.