CVE-2017-14355

A potential security vulnerability has been identified in HPE Connected Backup versions 8.6 and 8.8.6. The vulnerability could be exploited locally to allow escalation of privilege.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
microfocusCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 63%
VendorProductVersion
microfocusconnected_backup
8.6
microfocusconnected_backup
8.8.6
𝑥
= Vulnerable software versions
References
http://seclists.org/bugtraq/2017/Oct/23
http://www.securityfocus.com/bid/101270
https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02987868
https://www.exploit-db.com/exploits/43857/
http://seclists.org/bugtraq/2017/Oct/23
http://www.securityfocus.com/bid/101270
https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02987868
https://www.exploit-db.com/exploits/43857/