Описание
The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.4 (включая)
cpe:2.3:a:hp:openview_performance_insight:*:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06203
Низкий
10 Critical
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
почти 4 года назад
The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document.
EPSS
Процентиль: 91%
0.06203
Низкий
10 Critical
CVSS2
Дефекты
CWE-287