HID.discoveryd.CommandBlinkOn.Unauth.Remote.Command.Execution
Description
This indicates an attack attempt to exploit a Remote Command Execution vulnerability in HP Enterprise VAN SDN Controller.
The vulnerability is due to insufficient validation on user input when the vulnerable software handles a maliciously crafted request. A remote attacker may be able to exploit this to execute arbitrary command or code within the context of the application, via a crafted request.
Affected Products
HID EDGEPlus E400 version 3.5.1.1483 and prior
HID EDGEPlus Solo ES400 version 3.5.1.1483 and prior
HID EDGE EVO EH400 version 3.5.1.1483 and prior
HID EDGE EVO Solo EHS400 version 3.5.1.1483 and prior
HID VertX EVO V2-V1000 version 3.5.1.1483 and prior
HID VertX EVO V2-V2000 version 3.5.1.1483 and prior
HID VertX Legacy V1000 version 2.2.7.568 and prior
HID VertX Legacy V2000 version 2.2.7.568 and prior
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Currently we are unaware of any vendor provided patch for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |