Unauthenticated Directory Traversal Vulnerability in HPE Pay Per Use (PPU) UCS Meter 1.9

CVE-2020-24625 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Unathenticated directory traversal in the ReceiverServlet class doGet() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.

Learn more about our Web Application Penetration Testing UK.