Security Flaw in HP Business Service Management Allows Remote Code Execution
CVE-2012-2561

Currently unrated

Key Information:

Vendor

HP
Status
Business Service Management
Vendor
CVE Published:
21 May 2012

What is CVE-2012-2561?

An issue in HP Business Service Management 9.12 permits unauthorized uploading of .war files. This oversight enables remote attackers to execute arbitrary JSP code within the JBOSS Application Server component, leading to potential system compromise. Attackers can exploit this vulnerability by sending crafted requests to specific TCP ports (1098, 1099, or 4444), essentially bypassing safeguards and triggering harmful code execution.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/49218
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/53556
vdb-entryx_refsource_BID
http://www.kb.cert.org/vuls/id/859230
third-party-advisoryx_refsource_CERT-VN

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.