What is CVE-2013-6221?

CVE-2013-6221 is a vulnerability in Hp Service_virtualization, classified under Path Traversal. Published 2014-06-18.

Is CVE-2013-6221 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Hp Service_virtualization

CVE-2013-6221

Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files and consequently execute arbitrary cod…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.841 (99.3th percentile) — read the EPSS interpretation.

Affected products

Hp Service_virtualization — versions 3.0
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

rapid7/metasploit-framework

References

107943 (x_refsource_OSVDB, vdb-entry)
1030385 (vdb-entry, x_refsource_SECTRACK)
hp-security-alert@hp.com (x_refsource_MISC)
SSRT101385 (Vendor Advisory, x_refsource_HP, vendor-advisory)
33891 (exploit, x_refsource_EXPLOIT-DB)
hp-security-alert@hp.com (x_refsource_MISC)
hp-security-alert@hp.com (x_refsource_MISC)

Frequently asked questions

What is CVE-2013-6221?: CVE-2013-6221 is a vulnerability in Hp Service_virtualization, classified under Path Traversal. Published 2014-06-18.
Is CVE-2013-6221 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.