CVE-2017-13984

medium

Description

An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to delete arbitrary files via servlet directory traversal.

References

https://www.auscert.org.au/bulletins/52154

https://softwaresupport.hpe.com/km/KM02942065

http://www.zerodayinitiative.com/advisories/ZDI-17-720/

Details

Source: Mitre, NVD

Published: 2017-09-30

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N