Remote Code Execution Vulnerability in HP Operations Manager
CVE-2009-4189
Currently unrated
What is CVE-2009-4189?
HP Operations Manager contains a security flaw due to the default password of OvW*busr1 for the 'ovwebusr' account. This weakness permits remote attackers to exploit the manager role to conduct unrestricted file uploads, leading to arbitrary code execution through the /manager servlet in the Tomcat servlet container. This vulnerability poses significant security risks as it could be leveraged to compromise the system directly.