Remote Command Execution Vulnerability in HP Vertica's UDx Process
CVE-2015-6867

Currently unrated

Key Information:

Vendor: HP
Status: Vertica
Vendor: CVE Published:; 4 November 2015

What is CVE-2015-6867?

The HP Vertica UDx process in version 7.1.1 is vulnerable, allowing remote attackers to execute arbitrary commands without authentication by sending specially crafted packets. This could potentially lead to unauthorized access and control over the affected system, posing serious security risks to organizations utilizing this database management solution.

References

http://www.zerodayinitiative.com/advisories/ZDI-15-535/

x_refsource_MISC

http://www.securityfocus.com/bid/77405

vdb-entryx_refsource_BID

https://h20566.www2.hpe.com/hpsc/doc/public/display?docId...

x_refsource_CONFIRM

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 4, 2015
Vulnerability Reserved
Sep 10, 2015