File Upload Vulnerability in HP Operations Manager on Windows
CVE-2009-3843
Currently unrated
What is CVE-2009-3843?
HP Operations Manager 8.10 for Windows is susceptible to a file upload vulnerability due to the presence of a 'hidden account' in the XML file that configures Tomcat users. This flaw enables remote attackers to exploit the org.apache.catalina.manager.HTMLManagerServlet class for unrestricted file upload attacks, potentially leading to the execution of arbitrary code on the affected server.