logo
DATABASE RESOURCES PRICING ABOUT US

HP Intelligent Management Center Java Object Deserialization RCE

Description

The version of HP Intelligent Management Center (IMC) installed on the remote Windows host is prior to 7.2. It is, therefore, affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections (ACC) library. An unauthenticated, remote attacker can exploit this, by sending a crafted HTTP request, to execute arbitrary code on the target host.


Related