Affected configuration(s):


Date published: 2014-06-19T06:50:04.160-04:00

Date last modified: 2014-06-26T00:49:40.617-04:00

CVSS Score: 10.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL:

Summary: The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.