Code Execution Vulnerability in HP OpenView Performance Insight Server
CVE-2011-0276

Currently unrated

Key Information:

Vendor
HP
Status
Openview Performance Insight
Vendor
CVE Published:
2 February 2011

Summary

The HP OpenView Performance Insight Server contains a security flaw due to a hidden account in the com.trinagy.security.XMLUserManager Java class. This vulnerability enables remote attackers to execute arbitrary code through the doPost method in the com.trinagy.servlet.HelpManagerServlet class, leading to potential compromise of the server. Organizations using affected versions should prioritize patching to mitigate risks associated with unauthorized access and system control.

References

http://osvdb.org/70754
vdb-entryx_refsource_OSVDB
http://www.zerodayinitiative.com/advisories/ZDI-11-034
x_refsource_MISC
http://h20000.www2.hp.com/bizsupport/TechSupport/Document...
vendor-advisoryx_refsource_HP

EPSS Score

86% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2011-0276 : Code Execution Vulnerability in HP OpenView Performance Insight Server | SecurityVulnerability.io