Описание
The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:hp:sitescope:10.11:*:*:*:*:*:*:*
cpe:2.3:a:hp:sitescope:10.13:*:*:*:*:*:*:*
cpe:2.3:a:hp:sitescope:11.01:*:*:*:*:*:*:*
cpe:2.3:a:hp:sitescope:11.1:*:*:*:*:*:*:*
cpe:2.3:a:hp:sitescope:11.10:*:*:*:*:*:*:*
cpe:2.3:a:hp:sitescope:11.11:*:*:*:*:*:*:*
cpe:2.3:a:hp:sitescope:11.12:*:*:*:*:*:*:*
cpe:2.3:a:hp:sitescope:11.20:*:*:*:*:*:*:*
cpe:2.3:a:hp:sitescope:11.21:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.78003
Высокий
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765.
EPSS
Процентиль: 99%
0.78003
Высокий
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo