Improper input validation in Hp Openview_performance_agent

CVE-2011-2608

ovbbccb.exe 6.20.50.0 and other versions in HP OpenView Performance Agent 4.70 and 5.0; and Operations Agent 11.0, 8.60.005, 8.60.006, 8.60.007, 8.60.008, 8.60.501, and 8.53; allows remote attackers to delete arbitrary files via a full pat…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.008 (75.1th percentile) — read the EPSS interpretation.

Affected products

Hp Openview_performance_agent — versions 4.70, 5.0
Hp Operations_agent — versions 8.53, 8.60.005, 8.60.006
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

1025715 (vdb-entry, x_refsource_SECTRACK)
hp-operations-ovbbccb-file-deletion(68269) (vdb-entry, x_refsource_XF)
HPSBMU02691 (Vendor Advisory, x_refsource_HP, vendor-advisory)
cve@mitre.org (Exploit, x_refsource_MISC)
48481 (Exploit, vdb-entry, x_refsource_BID)
45079 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)