Date published: 2014-06-19T06:50:04.160-04:00
Date last modified: 2014-06-26T00:49:40.617-04:00
CVSS Score: 10.0
Principal attack vector: NETWORK
Reference URL: http://www.securityfocus.com/bid/68093
Summary: The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116.