1. Home
  2. CVE Database
  3. CVE-2013-6221
HIGH · 10.0

CVE-2013-6221

Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files...

Vulnerability Description

Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-2031.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
HpService Virtualization3.0

Related Weaknesses (CWE)

CWE-22

References

FAQ

What is CVE-2013-6221?

CVE-2013-6221 is a vulnerability with a CVSS score of 10.0 (HIGH). Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files...

How severe is CVE-2013-6221?

CVE-2013-6221 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-6221?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Service Virtualization.