CVE-2013-6221

critical HPE
CVSS v3 Base Score
10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
84.1%
Exploitation probability in 30 days
Top 1% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: June 18, 2014 (4348 days ago)
Last Modified: May 6, 2026
Vendor: HPE
Source: NVD

Description

Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-2031.

CWE

CWE-22

Affected Products

hp service virtualization

References

🔗 packetstormsecurity.com 🔗 www.exploit-db.com 🔗 www.osvdb.org 🔗 www.securitytracker.com 🔗 zerodayinitiative.com