Remote Code Execution Vulnerability in HP Operations Agent on Solaris 10
CVE-2010-0444

Currently unrated

Key Information:

Vendor: HP
Status: Operations Agent
Vendor: CVE Published:; 9 February 2010

Summary

The HP Operations Agent versions 8.51, 8.52, 8.53, and 8.60 running on Solaris 10 are susceptible to a vulnerability due to the use of a blank password for the opc_op account. This weakness allows remote attackers to exploit unspecified vectors to execute arbitrary code, potentially compromising system integrity and confidentiality. Organizations utilizing these versions should implement security measures to mitigate risks associated with unauthorized access.

References

http://www.securityfocus.com/bid/38150

vdb-entryx_refsource_BID

http://marc.info/?l=bugtraq&m=126566258722040&w=2

vendor-advisoryx_refsource_HP

http://osvdb.org/62213

vdb-entryx_refsource_OSVDB

EPSS Score

20% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 9, 2010
Vulnerability Reserved
Jan 27, 2010