CVSS: 10.0EPSS: 96%CPEs: 5EXPL: 1CVE-2013-4812 – HP PCM+ SNAC Registration Server UpdateCertificatesServlet Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-4812
UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-1743. El servlet UpdateCertificatesServlet en el servicio de registro de SNAC en HP ProCurve Manager (PCM) 3.20 y 4.0, PCM+ 3.20 y 4.0, e Identity Driven Manager (IDM) 4.0 no valida apropiadamente el argumento "fileName" lo que permite a atacantes remotos subir ficheros .jsp y en consecuencia ejecutar código arbitrario a través de vectores sin especificar , tambien conocido como ZDI-CAN-1743. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP PCM Plus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UpdateCertificatesServlet. This servlet improperly sanitizes the 'fileName' argument allowing the remote attacker could upload a .jsp file. • https://www.exploit-db.com/exploits/28337 http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03897409 http://secunia.com/advisories/54788 http://www.securitytracker.com/id/1029010 http://zerodayinitiative.com/advisories/ZDI-13-225 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 96%CPEs: 5EXPL: 1CVE-2013-4811 – HP PCM+ SNAC Registration Server UpdateDomainControllerServlet Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-4811
UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-1743. UpdateDomainControllerServlet en el servidor de registro SNAC de HP ProCurve Manager (PCM) 3.20 y 4.0, PCM+ 3.20 y 4.0 e Identity Driven Manager (IDM) 4.0 no valida apropiadamente el argumento adCert, lo que permite a atacantes remotos cargar archivos .jsp y consecuentemente ejecutar código a discrección a través de vectores no especificados, tambien conocido como ZDI-CAN-1743. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP PCM Plus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UpdateDomainControllerServlet. This servlet improperly sanitizes the 'adCert' argument allowing the remote attacker could upload a .jsp file. • https://www.exploit-db.com/exploits/28336 http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03897409 http://secunia.com/advisories/54788 http://www.securitytracker.com/id/1029010 http://zerodayinitiative.com/advisories/ZDI-13-226 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 9%CPEs: 5EXPL: 0CVE-2013-4813 – HP PCM+ AgentController Servlet Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-4813
The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745. El servlet Agent (Aka AgentController) en HP ProCurve Manager (PCM) 3.20 y 4.0, PCM+ 3.20 y 4.0, y Identity Driven Manager (IDM) 4.0, permite a atacantes remotos ejecutar comandos de su elección a través de una petición HEAD. Aka ZDI-CAN-1745. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP PCM Plus. Authentication is not required to exploit this vulnerability. The specific flaws exist within the Agent servlet. • http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03897409 http://secunia.com/advisories/54788 http://www.securitytracker.com/id/1029010 http://zerodayinitiative.com/advisories/ZDI-13-228 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 86%CPEs: 6EXPL: 1CVE-2013-4810 – HP Multiple Products Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-4810
HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet, aka ZDI-CAN-1760. NOTE: this is probably a duplicate of CVE-2007-1036, CVE-2010-0738, and/or CVE-2012-0874. HP ProCurve Manager (PCM) 3.20 y 4.0, PCM+ 3.20 y 4.0, Identity Driven Manager (IDM) 4.0 y Application Lifecycle Managemen permiten a atacantes remotos ejecutar código arbitrario a través de un objeto marshalizado a (1) EJBInvokerServlet o (2) JMXInvokerServlet, también conocido como ZDI-CAN-1760. NOTA: esto es probablemente un duplicado de CVE-2007-1036, CVE-2010-0738 y/o CVE-2012-0874. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP PCM Plus and Application Lifecycle Management. • https://www.exploit-db.com/exploits/28713 http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03897409 http://marc.info/?l=bugtraq&m=138696448823753&w=2 http://marc.info/?l=bugtraq&m=143039425503668&w=2 http://secunia.com/advisories/54788 http://www.securitytracker.com/id/1029010 http://zerodayinitiative.com/advisories/ZDI-13-229 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 3%CPEs: 5EXPL: 0CVE-2013-4809 – HP PCM+ GetEventsServlet SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-4809
Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter. Multiples inyecciones SQL en GetEventsServlet en HP ProCurve Manager (PCM) 3.20 y 4.0, PCM+ 3.20 y 4.0, e Identity Driven Manager (IDM) 4.0, permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de los parámetros (1) sort o (2) dir. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP PCM Plus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GetEventsServlet. This servlet contains a SQL injection vulnerability in the sort and dir arguments. • http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03897409 http://secunia.com/advisories/54788 http://www.securitytracker.com/id/1029010 http://zerodayinitiative.com/advisories/ZDI-13-227 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •