|CVSS SCORE||10.0, (AV:N/AC:L/Au:N/C:C/I:C/A:C)|
Virtual User Generator
The specific flaw exists within the exposed EmulationAdminSoapBinding web service. The issue lies in the handling of several methods resulting in the ability to read, write, and delete arbitrary files. An attacker can leverage this vulnerability to leak credential databases or execute code under the context of SYSTEM.
Hewlett-Packard has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||Andrea Micalizzi aka rgod