CVE-2014-7878

Published: Nov 14, 2014Modified: May 6, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers' installations, which allows remote attackers to execute arbitrary code by leveraging these keys for a connection.

Affected (2)

Products: Hp: Helion Cloud Development Platform

1 product

Helion Cloud Development Platform

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Hp Helion Cloud Development Platform	Version 1.0
Hp Helion Cloud Development Platform	Version 1.0

Related CWEs

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/98636

Source: hp-security-alert@hp.com

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04500238

Source: hp-security-alert@hp.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/98636

Source: af854a3a-2127-422b-91ae-364da2661108

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04500238

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.