Command Execution Vulnerability in HP ProCurve Manager and IDM
CVE-2013-4813

Currently unrated

Key Information:

Vendor: HP
Status: Procurve Manager; Identity Driven Manager
Vendor: CVE Published:; 16 September 2013

Summary

A vulnerability in the Agent servlet of HP ProCurve Manager and Identity Driven Manager allows remote attackers to execute arbitrary commands through specifically crafted HEAD requests. This weakness can potentially be exploited to gain unauthorized access and perform malicious actions on the affected systems, posing significant security risks to organizations using these products. Organizations are advised to review the relevant security guidelines and apply necessary patches to mitigate this threat.

References

http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/...

vendor-advisoryx_refsource_HP

http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/...

vendor-advisoryx_refsource_HP

http://www.securitytracker.com/id/1029010

vdb-entryx_refsource_SECTRACK

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 16, 2013
Vulnerability Reserved
Jul 12, 2013