Описание
HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.5.3 (включая)
Одно из
cpe:2.3:a:hp:operations_orchestration:10.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:operations_orchestration:10.01:*:*:*:*:*:*:*
cpe:2.3:a:hp:operations_orchestration:10.02:*:*:*:*:*:*:*
cpe:2.3:a:hp:operations_orchestration:10.10:*:*:*:*:*:*:*
cpe:2.3:a:hp:operations_orchestration:10.20:*:*:*:*:*:*:*
cpe:2.3:a:hp:operations_orchestration:10.21:*:*:*:*:*:*:*
cpe:2.3:a:hp:operations_orchestration:10.22:*:*:*:*:*:*:*
cpe:2.3:a:hp:operations_orchestration:10.22.1:*:*:*:*:*:*:*
cpe:2.3:a:hp:operations_orchestration:10.50:*:*:*:*:*:*:*
cpe:2.3:a:hp:operations_orchestration_content:*:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02585
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
EPSS
Процентиль: 85%
0.02585
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-20