HP.Data.Protector.Media.Operations.Directory.Traversal

Release Date Nov 26, 2011
Severity medium
Impact Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Description This indicates an attack attempt to exploit a Directory Traversal vulnerability in HP Data Protector Media Operations. The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. As a result, a remote attacker can gain unauthorized access to sensitive information.
Affected Products HP Data Protector Media Operations 6.20 and earlier versions
Recommended Actions Currently we are not aware of any vendor supplied patch for this issue.
Coverage IPS VCM
Reference/s http://osvdb.org/show/osvdb/76841 http://aluigi.altervista.org/adv/hpdpmedia_1-adv.txt

Fortinet