Lucene search

K
cve[email protected]CVE-2010-0447
HistoryMar 10, 2010 - 10:30 p.m.

CVE-2010-0447

2010-03-1022:30:00
CWE-287
web.nvd.nist.gov
25
hp
openview
performance insight
ovpi
cve-2010-0447
security vulnerability
remote code execution
authentication bypass

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.049 Low

EPSS

Percentile

92.6%

The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document.

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.049 Low

EPSS

Percentile

92.6%

Related for CVE-2010-0447