Описание
A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java Deserialization version v9.1x, v9.2x, v10.00, v10.00.01, v10.00.02, v10.10, v10.11, v10.11.01, v10.20 was found.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:hp:network_automation:9.10:*:*:*:*:*:*:*
cpe:2.3:a:hp:network_automation:9.20:*:*:*:*:*:*:*
cpe:2.3:a:hp:network_automation:9.22:*:*:*:*:*:*:*
cpe:2.3:a:hp:network_automation:9.22.01:*:*:*:*:*:*:*
cpe:2.3:a:hp:network_automation:9.22.02:*:*:*:*:*:*:*
cpe:2.3:a:hp:network_automation:10.00:*:*:*:*:*:*:*
cpe:2.3:a:hp:network_automation:10.00.01:*:*:*:*:*:*:*
cpe:2.3:a:hp:network_automation:10.00.02:*:*:*:*:*:*:*
cpe:2.3:a:hp:network_automation:10.10:*:*:*:*:*:*:*
cpe:2.3:a:hp:network_automation:10.11:*:*:*:*:*:*:*
cpe:2.3:a:hp:network_automation:10.11.01:*:*:*:*:*:*:*
cpe:2.3:a:hp:network_automation:10.20:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.18398
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-502
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java Deserialization version v9.1x, v9.2x, v10.00, v10.00.01, v10.00.02, v10.10, v10.11, v10.11.01, v10.20 was found.
EPSS
Процентиль: 95%
0.18398
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-502