CVE-2009-4188

Name of the Vulnerable Software and Affected Versions HP Operations Dashboard (affected versions not specified)

Description The issue allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the "/manager" servlet in the Tomcat servlet container. This is possible due to a default password of j2deployer for the j2deployer account.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.