What is the severity of CVE-2018-7098?

CVE-2018-7098 is classified as a security vulnerability that may allow directory traversal and could be locally exploited.

How do I fix CVE-2018-7098?

To fix CVE-2018-7098, upgrade your 3PAR Service Processor to version SP-4.4.0.GA-110(MU7) or later.

What software is affected by CVE-2018-7098?

CVE-2018-7098 affects various versions of the HP 3PAR Service Provider including SP-4.2.0, SP-4.3.0, and SP-4.4.0 prior to GA-110.

Can CVE-2018-7098 be exploited remotely?

No, CVE-2018-7098 requires local access to exploit the vulnerability.

What is the potential impact of CVE-2018-7098?

The potential impact of CVE-2018-7098 includes unauthorized access to files and directories on the affected system.

Vulnerability/
CVE-2018-7098

high

8.4

CWE

14/8/2018

5/8/2024

CVE-2018-7098: Path Traversal

First published: Tue Aug 14 2018(Updated: )

A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be locally exploited to allow directory traversal.

Credit: security-alert@hpe.com

Affected Software	Affected Version	How to fix
Hewlett Packard Enterprise 3PAR Service Provider	=sp-4.2.0-ga
Hewlett Packard Enterprise 3PAR Service Provider	=sp-4.3.0-ga-17
Hewlett Packard Enterprise 3PAR Service Provider	=sp-4.3.0-ga-24
Hewlett Packard Enterprise 3PAR Service Provider	=sp-4.4.0-ga-22
Hewlett Packard Enterprise 3PAR Service Provider	=sp-4.4.0-ga-30
Hewlett Packard Enterprise 3PAR Service Provider	=sp-4.4.0-ga-53
Hewlett Packard Enterprise 3PAR Service Provider	=sp-4.4.0-ga-58
Hewlett Packard Enterprise 3PAR Service Provider	=sp-4.4.0-ga-86
Hewlett Packard Enterprise 3PAR Service Provider	=sp-4.4.0-ga-88

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-7098?
CVE-2018-7098 is classified as a security vulnerability that may allow directory traversal and could be locally exploited.
How do I fix CVE-2018-7098?
To fix CVE-2018-7098, upgrade your 3PAR Service Processor to version SP-4.4.0.GA-110(MU7) or later.
What software is affected by CVE-2018-7098?
CVE-2018-7098 affects various versions of the HP 3PAR Service Provider including SP-4.2.0, SP-4.3.0, and SP-4.4.0 prior to GA-110.
Can CVE-2018-7098 be exploited remotely?
No, CVE-2018-7098 requires local access to exploit the vulnerability.
What is the potential impact of CVE-2018-7098?
The potential impact of CVE-2018-7098 includes unauthorized access to files and directories on the affected system.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/weakness
agent/severity
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/hp
canonical/hewlett packard enterprise 3par service provider
version/hewlett packard enterprise 3par service provider/sp-4.2.0-ga
version/hewlett packard enterprise 3par service provider/sp-4.3.0-ga-17
version/hewlett packard enterprise 3par service provider/sp-4.3.0-ga-24
version/hewlett packard enterprise 3par service provider/sp-4.4.0-ga-22
version/hewlett packard enterprise 3par service provider/sp-4.4.0-ga-30
version/hewlett packard enterprise 3par service provider/sp-4.4.0-ga-53
version/hewlett packard enterprise 3par service provider/sp-4.4.0-ga-58
version/hewlett packard enterprise 3par service provider/sp-4.4.0-ga-86
version/hewlett packard enterprise 3par service provider/sp-4.4.0-ga-88