Vulnerability Details : CVE-2011-0276
Public exploit exists!
HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class.
Vulnerability category: Execute code
Products affected by CVE-2011-0276
- cpe:2.3:a:hp:openview_performance_insight:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:hp:openview_performance_insight:5.3:*:*:*:*:*:*:*
- cpe:2.3:a:hp:openview_performance_insight:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:hp:openview_performance_insight:5.31:*:*:*:*:*:*:*
- cpe:2.3:a:hp:openview_performance_insight:5.41:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-0276
96.74%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2011-0276
-
HP OpenView Performance Insight Server Backdoor Account Code Execution
Disclosure Date: 2011-01-31First seen: 2020-04-26exploit/windows/http/hp_openview_insight_backdoorThis module exploits a hidden account in the com.trinagy.security.XMLUserManager Java class. When using this account, an attacker can abuse the com.trinagy.servlet.HelpManagerServlet class and write arbitrary files to the system allowing the execution of arbitrary
CVSS scores for CVE-2011-0276
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2011-0276
-
http://www.exploit-db.com/exploits/16984
HP OpenView Performance Insight Server - Backdoor Account Code Execution (Metasploit) - Windows remote Exploit
-
http://securityreason.com/securityalert/8136
HP OpenView Performance Insight Server Backdoor Account Code Execution - CXSecurity.com
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/65038
HP OpenView Performance Insight doPost() code execution CVE-2011-0276 Vulnerability Report
-
http://www.securityfocus.com/bid/46079
HP OpenView Performance Insight Server 'doPost()' Remote Arbitrary Code Execution Vulnerability
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453
Vendor Advisory
-
http://www.zerodayinitiative.com/advisories/ZDI-11-034
ZDI-11-034 | Zero Day Initiative
-
http://www.securityfocus.com/archive/1/516093/100/0/threaded
SecurityFocus
-
http://www.securitytracker.com/id?1025014
HP OpenView Performance Insight Server Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
http://www.vupen.com/english/advisories/2011/0258
Webmail | OVH- OVHVendor Advisory
Jump to