Lucene search
AgixZDI-16-244HistoryApr 15, 2016 - 12:00 a.m.
Hewlett Packard Enterprise Vertica validateAdminConfig Remote Command Injection Vulnerability
2016-04-1500:00:00
agix
www.zerodayinitiative.com
20
0.933 High
EPSS
Percentile
99.1%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Vertica. Authentication is not required to exploit this vulnerability. The specific flaw exists within the validateAdminConfig handler. By providing an mcPort parameter containing command injection, an attacker can execute arbitrary commands as root.
Related
cve
cve
CVE-2016-2002
2016-04-20 17:59:01
nvd
nvd
CVE-2016-2002
2016-04-20 17:59:01
cvelist
cvelist
CVE-2016-2002
2016-04-20 17:00:00
checkpoint_advisories
checkpoint_advisories
prion
prion
Command injection
2016-04-20 17:59:00