Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:61685
HistoryMar 07, 2014 - 12:00 a.m.

HP SiteScope 'loadFileContents' SOAP请求远程代码执行漏洞

2014-03-0700:00:00
Root
www.seebug.org
9

0.402 Medium

EPSS

Percentile

96.9%

JSON

BUGTRAQ ID: 65972
CVE(CAN) ID: CVE-2013-6207

HP SiteScope是无代理监控软件,可维护其分布式IT 基础架构的可用性和性能。

SiteScope 10.1x, 11.1x, 11.21版本的loadFileContents SOAP功能存在安全漏洞,成功利用后可导致任意代码执行、任意文件下载和拒绝服务。
0
HP SiteScope 11.21
HP SiteScope 11.1x
HP SiteScope 10.1x
厂商补丁:

HP

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://itrc.hp.com
http://support.openview.hp.com/

Related

prion 1
zdi 1
cve 1
securityvulns 2
nessus 1
prion
prion
Design/Logic Flaw
2014-03-11 13:01:00
zdi
zdi
Hewlett-Packard SiteScope SOAP Arbitrary File Download and Denial of Service Vulnerability
2014-04-03 00:00:00
cve
cve
CVE-2013-6207
2014-03-11 13:01:00
securityvulns
securityvulns
HP SiteScope security vulnerabilities
2014-03-27 00:00:00
[security bulletin] HPSBMU02933 rev.2 - HP SiteScope, issueSiebelCmd and loadFileContents SOAP Requests, Remote Code Execution, Arbitrary File download, Denial of Service (DoS)
2014-03-27 00:00:00
nessus
nessus
HP SiteScope Multiple Unspecified Remote Code Execution Vulnerabilities
2013-08-02 00:00:00

0.402 Medium

EPSS

Percentile

96.9%

JSON
Related for SSV:61685
prion1zdi1cve1securityvulns2nessus1