PT-2014-8327 · Hewlett Packard · Hp Helion Cloud Development Platform

Publicado

2014-11-14

Atualizado

2017-09-08

CVE-2014-7878

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions HP Helion Cloud Development Platform version 1.0

Description The issue allows remote attackers to execute arbitrary code by leveraging the same security keys used across different customers' installations when a virtual machine is derived from the Seed Node image.

Recommendations For HP Helion Cloud Development Platform version 1.0, consider regenerating and using unique security keys for each customer's installation to prevent the exploitation of this issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-310

Identificadores relacionados

CVE-2014-7878

Produtos afetados

Hp Helion Cloud Development Platform

PT-2014-8327 · Hewlett Packard · Hp Helion Cloud Development Platform

CVE-2014-7878

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3