CVE-2014-2609CVE-2014-2609

Affected configuration(s):

cpe:/a:hp:executive_scorecard:9.40
cpe:/a:hp:executive_scorecard:9.41

Date published: 2014-06-19T06:50:04.160-04:00

Date last modified: 2014-06-26T00:49:40.617-04:00

CVSS Score: 10.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://www.securityfocus.com/bid/68093

Summary: The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *