APP: HP Intelligent Management Center SOM euAccountSerivce Authentication Bypass
This signature detects a known authentication bypass vulnerability in the SOM add-in module of HP Intelligent Management Center. It is due to a lack of authentication in the euAccountSerivce (sic) servlet when processing HTTP request parameters. By sending crafted HTTP requests to the target system, a remote unauthenticated attacker can leverage this vulnerability to create a web administration account on a target system.
Extended Description
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to bypass authentication via unknown vectors, aka ZDI-CAN-1644.
Affected Products
Hp imc_service_operation_management_software_module
Short Name
APP:HPIM-SOM-EUACCNT-BYPASS
Severity
Minor
Recommended
False
Recommended Action
None
Category
APP
Keywords
Authentication Bypass CVE-2013-4824 Center HP Intelligent Management SOM euAccountSerivce
Release Date
11/20/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Rarely
Vendors
Hp
CVSS Score
7.5