APP: HP Performance Insight Helpmanager Servlet Remote Code Execution
This signature detects attempts to exploit a known vulnerability against HP OpenView. A successful attack can lead to arbitrary code execution.
Extended Description
The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document.
Affected Products
Hp openview_performance_insight
References
CVE: CVE-2010-0447
Short Name
APP:HPOV:CVE-2010-0447-RCE
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
APP
Keywords
CVE-2010-0447 Code Execution HP Helpmanager Insight Performance Remote Servlet
Release Date
10/27/2016
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Hp
CVSS Score
10.0