PT-2014-8327 · Hewlett Packard · Hp Helion Cloud Development Platform

Published

2014-11-14

Updated

2017-09-08

CVE-2014-7878

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions HP Helion Cloud Development Platform version 1.0

Description The issue allows remote attackers to execute arbitrary code by leveraging the same security keys used across different customers' installations when a virtual machine is derived from the Seed Node image.

Recommendations For HP Helion Cloud Development Platform version 1.0, consider regenerating and using unique security keys for each customer's installation to prevent the exploitation of this issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-310

Related Identifiers

CVE-2014-7878

Affected Products

Hp Helion Cloud Development Platform

PT-2014-8327 · Hewlett Packard · Hp Helion Cloud Development Platform

CVE-2014-7878

Weakness Enumeration

Related Identifiers

Affected Products

References · 3