HP StoreVirtual 4000 and StoreVirtual VSA Software < 11.5 Multiple Vulnerabilities

High Nessus Plugin ID 76913


The remote host is affected by multiple vulnerabilities.


The remote HP storage system, running HP StoreVirtual 4000 Storage and StoreVirtual VSA, is version 9.5.x or later but prior to 11.5. It is, therefore, affected by the following vulnerabilities :

- An unspecified information disclosure vulnerability exists that allows a remote attacker to obtain potentially sensitive information via unknown vectors.

- A privilege escalation vulnerability exists that allows an authenticated, remote attacker to gain privileges via unknown vectors. (CVE-2014-2606)


Upgrade to HP StoreVirtual 4000 Storage and StoreVirtual VSA version 11.5 or higher.

See Also


Plugin Details

Severity: High

ID: 76913

File Name: hp_vsa_11_5.nasl

Version: $Revision: 1.3 $

Type: remote

Family: Misc.

Published: 2014/07/30

Modified: 2016/01/14

Dependencies: 73460, 64631, 64632

Risk Information

Risk Factor: High


Base Score: 9

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:hp:storevirtual_vsa, cpe:/a:hp:storage_management_software

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2014/07/14

Vulnerability Publication Date: 2014/07/14

Reference Information

CVE: CVE-2014-2605, CVE-2014-2606

BID: 68538, 68542

OSVDB: 109166, 109167

HP: emr_na-c04281279, HPSBST03039, SSRT101457