PT-2013-5233 · Hewlett Packard · Hp Sitescope

Publicado

2013-11-04

Atualizado

2017-07-01

CVE-2013-4835

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions HP SiteScope versions 10.1x through 11.21 HP SiteScope version 11.x before 11.22

Description The issue allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method.

Recommendations For HP SiteScope versions 10.1x through 11.21, update to version 11.22 or later. For HP SiteScope version 11.x before 11.22, update to version 11.22 or later. As a temporary workaround, consider disabling the issueSiebelCmd method until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2013-4835

ZDI-13-263

Produtos afetados

Hp Sitescope

PT-2013-5233 · Hewlett Packard · Hp Sitescope

CVE-2013-4835

Identificadores relacionados

Produtos afetados

Referências · 8