HP Operations Manager has a default password of OvW*busr1 for the ovwebusr account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3099 and CVE-2009-3843.
Published 2009-12-03 17:30:02
Updated 2009-12-04 05:00:00
Source MITRE
Vulnerability category: Execute code

Exploit prediction scoring system (EPSS) score for CVE-2009-4189

EPSS score: 0.64% (probability of exploitation activity in the next 30 days)
Percentile: ~79% (the proportion of vulnerabilities that are scored at or less)

Metasploit modules for CVE-2009-4189

  • Apache Tomcat Manager Application Deployer Authenticated Code Execution
    Disclosure Date: 2009-11-09
    First seen: 2020-04-26
    exploit/multi/http/tomcat_mgr_deploy
    This module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a PUT request. The manager application can also be abused using /manager/h
  • Tomcat Application Manager Login Utility
    First seen: 2020-04-26
    auxiliary/scanner/http/tomcat_mgr_login
    This module simply attempts to log in to a Tomcat Application Manager instance using a specific user/pass. Authors: MC <mc@metasploit.com>, Matteo Cantoni <goony@nothink.org>, jduck <jduck@metasploit.com>
  • Apache Tomcat Manager Authenticated Upload Code Execution
    Disclosure Date: 2009-11-09
    First seen: 2020-04-26
    exploit/multi/http/tomcat_mgr_upload
    This module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a POST request against the /manager/html/upload component. NOTE: The

CVSS scores for CVE-2009-4189

Base Score: 10.0
Base Severity: HIGH
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability Score: 10.0
Impact Score: 10.0
Score Source: NIST

CWE ids for CVE-2009-4189

  • Assigned by: nvd@nist.gov (Primary)

Products affected by CVE-2009-4189
