Описание
HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:hp:discovery_and_dependency_mapping_inventory:9.30:*:*:*:*:*:*:*
cpe:2.3:a:hp:discovery_and_dependency_mapping_inventory:9.31:*:*:*:*:*:*:*
cpe:2.3:a:hp:discovery_and_dependency_mapping_inventory:9.32:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00281
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
EPSS
Процентиль: 51%
0.00281
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-284