CVE-2017-13985

medium

Description

An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to traverse directory leading to disclosure of information.

References

https://www.auscert.org.au/bulletins/52154

https://softwaresupport.hpe.com/km/KM02942065

http://zerodayinitiative.com/advisories/ZDI-17-721/

Details

Source: Mitre, NVD

Published: 2017-09-30

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N