Lucene search

K

HpCVELIST:CVE-2009-3843

HistoryNov 24, 2009 - 12:00 a.m.

CVE-2009-3843

2009-11-2400:00:00

hp

www.cve.org

9.6 High

AI Score

Confidence

High

0.887 High

EPSS

Percentile

98.7%

HP Operations Manager 8.10 on Windows contains a “hidden account” in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.HTMLManagerServlet class to make requests to manager/html/upload.

References

marc.info/?l=bugtraq&m=125873415424980&w=2

secunia.com/advisories/37444

securitytracker.com/id?1023222

www.osvdb.org/60317

www.zerodayinitiative.com/advisories/ZDI-09-085/

exchange.xforce.ibmcloud.com/vulnerabilities/54361

9.6 High

AI Score

Confidence

High

0.887 High

EPSS

Percentile

98.7%

Related for CVELIST:CVE-2009-3843

saint4 securityvulns3 zdi1 seebug1 packetstorm2 prion2 attackerkb1 nvd2 cve2 cvelist1 checkpoint_advisories1 zdt1 openvas2 kitploit3