7.7 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.049 Low
EPSS
Percentile
92.6%
The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document.
CPE | Name | Operator | Version |
---|---|---|---|
hp:openview_performance_insight | hp openview performance insight | le | 5.4 |
marc.info/?l=bugtraq&m=126815897824020&w=2
osvdb.org/62797
secunia.com/advisories/38899
www.securityfocus.com/archive/1/509984/100/0/threaded
www.securityfocus.com/bid/38611
www.vupen.com/english/advisories/2010/0555
www.zerodayinitiative.com/advisories/ZDI-10-026
exchange.xforce.ibmcloud.com/vulnerabilities/56757