HP StorageWorks Modular Smart Array P2000 G3 Web Interface Directory Traversal Vulnerability
Description
A vulnerability has been reported in HP StorageWorks Modular Smart Array P2000, which can be exploited by malicious people to disclose sensitive information.
Certain input passed to the web interface is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal attacks.
The vulnerability is reported in HP StorageWorks Modular Smart Array P2000 G3 running firmware versions prior to TS230P008.
Vulnerable Products
Vulnerable OS: HP StorageWorks Modular Smart Array P2000Vulnerable Software: