Remote Code Execution Vulnerability in HP Operations Manager
CVE-2009-4189

Currently unrated

Key Information:

Vendor: HP
Status: Operations Manager
Vendor: CVE Published:; 3 December 2009

What is CVE-2009-4189?

HP Operations Manager contains a security flaw due to the default password of OvW*busr1 for the 'ovwebusr' account. This weakness permits remote attackers to exploit the manager role to conduct unrestricted file uploads, leading to arbitrary code execution through the /manager servlet in the Tomcat servlet container. This vulnerability poses significant security risks as it could be leveraged to compromise the system directly.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.intevydis.com/blog/?p=87

x_refsource_MISC

EPSS Score

83% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 3, 2009

JSON

HP

What is CVE-2009-4189?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

EPSS Score

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.