{"api_version":"1","generated_at":"2026-06-21T16:24:18+00:00","cve":"CVE-2011-1736","urls":{"html":"https://cve.report/CVE-2011-1736","api":"https://cve.report/api/cve/CVE-2011-1736.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2011-1736","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2011-1736"},"summary":{"title":"CVE-2011-1736","description":"Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message.","state":"PUBLISHED","assigner":"hp","published_at":"2011-05-07 19:55:01","updated_at":"2026-04-29 01:13:23"},"problem_types":["CWE-22","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"8.5","severity":"","vector":"AV:N/AC:L/Au:N/C:C/I:N/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:N/A:P","baseScore":8.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"}}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67209","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67209","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/517772/100/0/threaded","name":"http://www.securityfocus.com/archive/1/517772/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/47638","name":"http://www.securityfocus.com/bid/47638","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"HP OpenView Storage Data Protector Multiple Remote Code Execution Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://osvdb.org/72195","name":"http://osvdb.org/72195","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://secunia.com/advisories/44402","name":"http://secunia.com/advisories/44402","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"HP OpenView Storage Data Protector Multiple Vulnerabilities - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1025454","name":"http://www.securitytracker.com/id?1025454","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"HP OpenView Storage Data Protector Flaws Let Remote Users Execute Arbitrary Code - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://zerodayinitiative.com/advisories/ZDI-11-152/","name":"http://zerodayinitiative.com/advisories/ZDI-11-152/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Zero Day Initiative","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02810240","name":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02810240","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"HPSBMA02668 SSRT100474 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code - c02810240 - \r\n\t\tHP Business Support Center","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2011-1736","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1736","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2011","cve_id":"1736","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"openview_storage_data_protector","cpe6":"6.00","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1736","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"openview_storage_data_protector","cpe6":"6.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"1736","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"openview_storage_data_protector","cpe6":"6.11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T22:37:25.701Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"20110429 ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/517772/100/0/threaded"},{"name":"72195","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/72195"},{"name":"47638","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/47638"},{"name":"HPSBMA02668","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02810240"},{"name":"SSRT100474","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02810240"},{"name":"openview-data-code-exec(67209)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67209"},{"name":"44402","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/44402"},{"name":"1025454","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1025454"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://zerodayinitiative.com/advisories/ZDI-11-152/"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2011-04-28T00:00:00.000Z","descriptions":[{"lang":"en","value":"Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-09T18:57:01.000Z","orgId":"74586083-13ce-40fd-b46a-8e5d23cfbcb2","shortName":"hp"},"references":[{"name":"20110429 ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/517772/100/0/threaded"},{"name":"72195","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/72195"},{"name":"47638","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/47638"},{"name":"HPSBMA02668","tags":["vendor-advisory","x_refsource_HP"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02810240"},{"name":"SSRT100474","tags":["vendor-advisory","x_refsource_HP"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02810240"},{"name":"openview-data-code-exec(67209)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67209"},{"name":"44402","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/44402"},{"name":"1025454","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1025454"},{"tags":["x_refsource_MISC"],"url":"http://zerodayinitiative.com/advisories/ZDI-11-152/"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"hp-security-alert@hp.com","ID":"CVE-2011-1736","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"20110429 ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/517772/100/0/threaded"},{"name":"72195","refsource":"OSVDB","url":"http://osvdb.org/72195"},{"name":"47638","refsource":"BID","url":"http://www.securityfocus.com/bid/47638"},{"name":"HPSBMA02668","refsource":"HP","url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02810240"},{"name":"SSRT100474","refsource":"HP","url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02810240"},{"name":"openview-data-code-exec(67209)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67209"},{"name":"44402","refsource":"SECUNIA","url":"http://secunia.com/advisories/44402"},{"name":"1025454","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1025454"},{"name":"http://zerodayinitiative.com/advisories/ZDI-11-152/","refsource":"MISC","url":"http://zerodayinitiative.com/advisories/ZDI-11-152/"}]}}}},"cveMetadata":{"assignerOrgId":"74586083-13ce-40fd-b46a-8e5d23cfbcb2","assignerShortName":"hp","cveId":"CVE-2011-1736","datePublished":"2011-05-07T19:00:00.000Z","dateReserved":"2011-04-19T00:00:00.000Z","dateUpdated":"2024-08-06T22:37:25.701Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2011-05-07 19:55:01","lastModifiedDate":"2026-04-29 01:13:23","problem_types":["CWE-22","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:N/A:P","baseScore":8.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":7.8,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hp:openview_storage_data_protector:6.00:*:*:*:*:*:*:*","matchCriteriaId":"DD25EB53-4062-4054-BBB9-AF0676E86C98"},{"vulnerable":true,"criteria":"cpe:2.3:a:hp:openview_storage_data_protector:6.10:*:*:*:*:*:*:*","matchCriteriaId":"2F55A6FD-8104-4A26-A803-F8971AED5940"},{"vulnerable":true,"criteria":"cpe:2.3:a:hp:openview_storage_data_protector:6.11:*:*:*:*:*:*:*","matchCriteriaId":"42BAF885-79EF-418C-A391-751AA8593E85"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2011","CveId":"1736","Ordinal":"1","Title":"CVE-2011-1736","CVE":"CVE-2011-1736","Year":"2011"},"notes":[{"CveYear":"2011","CveId":"1736","Ordinal":"1","NoteData":"Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message.","Type":"Description","Title":"CVE-2011-1736"},{"CveYear":"2011","CveId":"1736","Ordinal":"2","NoteData":"2011-05-07","Type":"Other","Title":"Published"},{"CveYear":"2011","CveId":"1736","Ordinal":"3","NoteData":"2018-10-09","Type":"Other","Title":"Modified"}]}}}