Lucene search
HistoryMay 21, 2012 - 8:55 p.m.
CVE-2012-2561
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.4 High
AI Score
Confidence
High
0.017 Low
EPSS
Percentile
87.9%
HP Business Service Management (BSM) 9.12 does not properly restrict the uploading of .war files, which allows remote attackers to execute arbitrary JSP code within the JBOSS Application Server component via a crafted request to TCP port 1098, 1099, or 4444.
Affected configurations
Node
hpbusiness_service_managementMatch9.12
Related
securityvulns
securityvulns
HP Business Service Management multiple security vulnerabilities
2012-06-25 00:00:00
prion
prion
Code injection
2012-05-21 20:55:00
cve
cve
CVE-2012-2561
2012-05-21 20:55:21
cert
cert
HP Business Service Management 9.12 remote code execution vulnerability
2012-05-16 00:00:00
attackerkb
attackerkb
HP Business Service Management Remote Code Execution
2012-05-21 00:00:00
cvelist
cvelist
CVE-2012-2561
2012-05-21 20:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.4 High
AI Score
Confidence
High
0.017 Low
EPSS
Percentile
87.9%
Related for NVD:CVE-2012-2561