3 matches found
CVE-2014-2609
The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116...
CVE-2014-2609
The CVE affects HP Executive Scorecard (v9.40 and v9.41) where the Java Glassfish Admin Console allows unauthenticated remote code execution via a session on TCP port 10001. Root cause: authentication bypass on the Glassfish admin interface leading to arbitrary code execution under SYSTEM. Impact...
[security bulletin] HPSBMU03048 rev.1 - HP Software Executive Scorecard, Remote Execution of Code, Directory Traversal
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04341295 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04341295 Version: 1 HPSBMU03048 rev....