CVE-2013-4835

Currently unrated

Key Information:

Vendor: HP
Status: Sitescope
Vendor: CVE Published:; 4 November 2013

Summary

The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765.

References

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

http://www.exploit-db.com/exploits/30473

exploitx_refsource_EXPLOIT-DB

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

EPSS Score

97% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 4, 2013
Vulnerability Reserved
Jul 12, 2013