Unrated severityNVD Advisory· Published Jun 19, 2014· Updated May 6, 2026

CVE-2014-2611

Description

Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120.

Affected products

HP/Executive Scorecard2 versions
cpe:2.3:a:hp:executive_scorecard:9.41:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:hp:executive_scorecard:9.41:*:*:*:*:*:*:*
- cpe:2.3:a:hp:executive_scorecard:9.40:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/59363nvdThird Party Advisory
www.securityfocus.com/bid/68093nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1030439nvdThird Party AdvisoryVDB Entry
zerodayinitiative.com/advisories/ZDI-14-210/nvdThird Party AdvisoryVDB Entry
h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplaynvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000