Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2024 and is owned by Tenable, Inc. or an Affiliate thereof.HP_IMC_CVE-2016-4372.NBIN
HistoryAug 23, 2016 - 12:00 a.m.

H3C / HPE Intelligent Management Center Java Object Deserialization RCE

2016-08-2300:00:00
This script is Copyright (C) 2016-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
JSON

The H3C or HPE Intelligent Management Center (iMC) web server running on the remote host is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections (ACC) library. An unauthenticated, remote attacker can exploit this, by sending a crafted HTTP request, to execute arbitrary code on the target host.

Note that Intelligent Management Center (iMC) is an HPE product;
however, it is branded as H3C.

Binary data hp_imc_cve-2016-4372.nbin
VendorProductVersionCPE
hpintelligent_management_centercpe:/a:hp:intelligent_management_center

Related

prion 1
cve 1
zdt 1
nessus 1
impervablog 1
prion
prion
Design/Logic Flaw
2016-07-15 16:59:00
cve
cve
CVE-2016-4372
2016-07-15 16:59:00
zdt
zdt
HPE < 7.2 - Java Deserialization Exploit
2017-09-19 00:00:00
nessus
nessus
HP Intelligent Management Center Java Object Deserialization RCE
2016-08-24 00:00:00
impervablog
impervablog
Deserialization Attacks Surge Motivated by Illegal Crypto-mining
2018-01-24 17:45:08
JSON
Related for HP_IMC_CVE-2016-4372.NBIN
prion1cve1zdt1nessus1impervablog1