CVE-2013-2342

Published: Jun 30, 2013Modified: Apr 29, 2026

7.7

Vector

AV:A/AC:L/Au:S/C:C/I:C/A:C

Exploitability: 5.1 / Impact: 10.0

Source: NVD

Description

The HP StoreOnce D2D backup system with software before 3.0.0 has a default password of badg3r5 for the HPSupport account, which allows remote attackers to obtain administrative access and delete data via an SSH session.

Affected (7)

Products: Hp: Storeonce D2d

1 product

Storeonce D2d

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Hp Storeonce D2d	Up to 2.2.17
Hp Storeonce D2d	Version 2.1.01
Hp Storeonce D2d	Version 2.2.00
Hp Storeonce D2d	Version 2.2.10
Hp Storeonce D2d	Version 2.2.13
Hp Storeonce D2d	Version 2.2.14
Hp Storeonce D2d	Version 2.2.16

Related CWEs

CWE-255

References (4)

http://www.lolware.net/hpstorage.html

Source: hp-security-alert@hp.com

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03813919

Source: hp-security-alert@hp.com

Vendor Advisory

http://www.lolware.net/hpstorage.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03813919

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.