Signature Detail
Short Name |
APP:HP-PROCRVE-MANAGER-CE |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
HP ProCurve Manager EJBInvokerServlet or JMXInvokerServlet Remote Code Execution |
Release Date |
2015/06/09 |
Update Number |
2503 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: HP ProCurve Manager EJBInvokerServlet or JMXInvokerServlet Remote Code Execution
This signature detects attempts to exploit a known vulnerability against HP ProCurve Manager. A successful attack can lead to arbitrary code execution.
Extended Description
HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet, aka ZDI-CAN-1760.
Affected Products
- hp application_lifecycle_management -
- hp identity_driven_manager 4.0
- hp procurve_manager 3.20 (:~~~plus~~)
- hp procurve_manager 4.0 (:~~~plus~~)
References
- BugTraq: 62347
- CVE: CVE-2013-4810