Remote Code Execution in VMware Hyperic HQ by Groovy Script Console
CVE-2013-6366
Currently unrated
Summary
The Groovy script console present in VMware Hyperic HQ version 4.6.6 contains a vulnerability that enables remote authenticated administrators to execute arbitrary code on the server. This flaw arises from improper handling of commands executed through the Runtime.getRuntime().exec call. An attacker with administrative access can leverage this vulnerability to run malicious scripts, potentially compromising the integrity and availability of the server.
References
Timeline
Vulnerability Reserved
Vulnerability published