Computer Security
[EN] securityvulns.ru no-pyccku


HP Helion Cloud Development Platform restriction bypass
Published:01.12.2014
Source:
SecurityVulns ID:14125
Type:library
Threat Level:
5/10
Description:Same key is used in different installations.
Affected:HP : Helion Cloud Development Platform 1.0
CVE:CVE-2014-7878 (The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers' installations, which allows remote attackers to execute arbitrary code by leveraging these keys for a connection.)
Original documentdocumentHP, [security bulletin] HPSBMU03190 rev.1 - HP Helion Cloud Development Platform Community and Commercial Editions, Remote Unauthenticated Access (01.12.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod