CVE-2009-3843 : HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML fil

HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.HTMLManagerServlet class to make requests to manager/html/upload.

Published 2009-11-24 00:30:00

Updated 2017-08-17 01:31:19

Source HP Inc.

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2009-3843

HP » Operations Manager » Version: 8.10 Windows Edition
cpe:2.3:a:hp:operations_manager:8.10:*:windows:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2009-3843

EPSS FAQ

70.53%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 98 %

Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2009-3843

Apache Tomcat Manager Application Deployer Authenticated Code Execution

Disclosure Date: 2009-11-09

First seen: 2020-04-26

exploit/multi/http/tomcat_mgr_deploy

This module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a PUT request. The manager application can also be abused using /manager/h

More information
Tomcat Application Manager Login Utility

First seen: 2020-04-26

auxiliary/scanner/http/tomcat_mgr_login

This module simply attempts to login to a Tomcat Application Manager instance using a specific user/pass. Authors: - MC <mc@metasploit.com> - Matteo Cantoni <goony@nothink.org> - jduck <jduck@metasploit.com>

More information
Apache Tomcat Manager Authenticated Upload Code Execution

Disclosure Date: 2009-11-09

First seen: 2020-04-26

exploit/multi/http/tomcat_mgr_upload

This module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a POST request against the /manager/html/upload component. NOTE: The

More information

CVSS scores for CVE-2009-3843

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2009-3843

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2009-3843

Jump to

Vulnerability Details : CVE-2009-3843

Products affected by CVE-2009-3843

Exploit prediction scoring system (EPSS) score for CVE-2009-3843

Metasploit modules for CVE-2009-3843

Apache Tomcat Manager Application Deployer Authenticated Code Execution

Tomcat Application Manager Login Utility

Apache Tomcat Manager Authenticated Upload Code Execution

CVSS scores for CVE-2009-3843

CWE ids for CVE-2009-3843

References for CVE-2009-3843