Vulnerabilities > CVE-2017-14355 - Unspecified vulnerability in Microfocus Connected Backup 8.6/8.8.6

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
microfocus
exploit available

Summary

A potential security vulnerability has been identified in HPE Connected Backup versions 8.6 and 8.8.6. The vulnerability could be exploited locally to allow escalation of privilege.

Vulnerable Configurations

Part Description Count
Application
Microfocus
2

Exploit-Db

descriptionHP Connected Backup 8.6/8.8.6 - Local Privilege Escalation. CVE-2017-14355. Local exploit for Windows platform
fileexploits/windows/local/43857.py
idEDB-ID:43857
last seen2018-01-24
modified2018-01-23
platformwindows
port
published2018-01-23
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/43857/
titleHP Connected Backup 8.6/8.8.6 - Local Privilege Escalation
typelocal

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/146043/hpconnectbackup8-escalate.txt
idPACKETSTORM:146043
last seen2018-01-24
published2018-01-24
reporterPeter Lapp
sourcehttps://packetstormsecurity.com/files/146043/HP-Connected-Backup-8.6-8.8.6-Local-Privilege-Escalation.html
titleHP Connected Backup 8.6 / 8.8.6 Local Privilege Escalation