Описание
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:hp:network_node_manager_i:9.20:*:*:*:*:*:*:*
cpe:2.3:a:hp:network_node_manager_i:9.23:*:*:*:*:*:*:*
cpe:2.3:a:hp:network_node_manager_i:9.24:*:*:*:*:*:*:*
cpe:2.3:a:hp:network_node_manager_i:9.25:*:*:*:*:*:*:*
cpe:2.3:a:hp:network_node_manager_i:10.00:*:*:*:*:*:*:*
cpe:2.3:a:hp:network_node_manager_i:10.01:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01078
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
EPSS
Процентиль: 77%
0.01078
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-284