CVE-2014-2609

N/A

Beschreibung

The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116.

CVE Details

CVSS v3.1 BewertungN/A

Veroffentlicht6/19/2014

Zuletzt geandert4/12/2025

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

hp:executive_scorecard

Schwachen (CWE)

CWE-287

Referenzen

http://secunia.com/advisories/59363(hp-security-alert@hp.com)

http://www.securityfocus.com/bid/68093(hp-security-alert@hp.com)

http://www.securitytracker.com/id/1030439(hp-security-alert@hp.com)

http://zerodayinitiative.com/advisories/ZDI-14-208/(hp-security-alert@hp.com)

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04341295(hp-security-alert@hp.com)

http://secunia.com/advisories/59363(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/bid/68093(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id/1030439(af854a3a-2127-422b-91ae-364da2661108)

http://zerodayinitiative.com/advisories/ZDI-14-208/(af854a3a-2127-422b-91ae-364da2661108)

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04341295(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.