HP.OpenView.Performance.Insight.Server.DoPost.Code.Execution
Description
This indicates an attack attempt to exploit a code execution vulnerability in HP OpenView Performance Insight Server.
This issue is caused by lacking of checking the file content uploaded by the "hidden account" in the com.trinagy.security.XMLUserManager Java class. It may allow remote attackers to execute arbitrary code by uploading a crafted JSP file.
Affected Products
HP OpenView Performance Insight 5.4.1
HP OpenView Performance Insight 5.4
HP OpenView Performance Insight 5.3.1
HP OpenView Performance Insight 5.3
HP OpenView Performance Insight 5.2
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's web site for suggested workaround.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |