Vulnerabilities > HPE > Utility Computing Service Meter

DATE CVE VULNERABILITY TITLE RISK
2020-09-23 CVE-2020-24626 Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9
Unathenticated directory traversal in the ReceiverServlet class doPost() method can lead to arbitrary remote code execution in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.
network
low complexity
hpe CWE-22
critical
 9.8
9.8
2020-09-23 CVE-2020-24625 Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9
Unathenticated directory traversal in the ReceiverServlet class doGet() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.
network
low complexity
hpe CWE-22
7.5
7.5
2020-09-23 CVE-2020-24624 Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9
Unathenticated directory traversal in the DownloadServlet class execute() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.
network
low complexity
hpe CWE-22
7.5
7.5