HP System Management Homepage Unspecified Directory Traversal Vulnerability

HP System Management Homepage Unspecified Directory Traversal Vulnerability

HP System Management Homepage (SMH) is prone to an unspecified directory-traversal vulnerability. This issue is most likely due to a failure in the application to properly sanitize user-supplied input.

Presumably, an attacker can exploit this issue to retrieve arbitrary files in the context of the affected application. This issue may also permit the overwriting of arbitrary files.

The exact nature of this vulnerability is not currently known; this BID will be updated as further information becomes available.

This issue affects HP SMH only on the Microsoft Windows platform.

This issue is likely similar to the one described in BID 16571 (HP Systems Insight Manager Unspecified Directory Traversal Vulnerability), possibly due to code reuse among products.