Intrusion Prevention

HPE.IMC.TopoDebugServlet.Insecure.Deserialization

Description

This indicats an attack attempt to exploit an Information Disclosure Vulnerability in HP Intelligent Management Center
A remote, authenticated attacker can exploit this vulnerability by sending a request message with a specially crafted serialized object. Successful exploitation results in the execution of arbitrary code under the context of the SYSTEM or root user.

Affected Products

HP Intelligent Management Center

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

HP has not released an advisory or patch regarding this vulnerability