Skip to main content

HPOpenView Operations Default Account Code Execution Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 24 Nov 2009 5426 Views

RISK: Medium Risk

A vulnerability has been identified in HP OpenView Operations, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused due to a hidden account being present within the Tomcat users XML file, which could allow remote attackers to gain unauthorized access to the "org.apache.catalina.manager.HTMLManagerServlet" class and upload a malicious file via a POST request to "/manager/html/upload", leading to code execution with SYSTEM privileges.


Impact

  • Remote Code Execution

System / Technologies affected

  • HP Operations Manager for Windows version 8.10


Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Apply patch OMW_00032 or subsequent :
http://support.openview.hp.com/selfsolve/patches


Vulnerability Identifier


Source


Related Link