CVE-2014-2610

Name of the Vulnerable Software and Affected Versions HP Executive Scorecard versions 9.40 through 9.41

Description The issue allows remote authenticated users to execute arbitrary code by uploading an executable file due to a directory traversal vulnerability in the Content Acceleration Pack (CAP) web application.

Recommendations For versions 9.40 and 9.41, consider restricting access to the file upload functionality in the CAP web application until a fix is available. As a temporary workaround, disabling the executable file upload feature can help minimize the risk of exploitation.