HP » Operations Dashboard : Security Vulnerabilities, CVEs, CVSS score >= 5
CVE-2009-4188
Public exploit
HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3098.
Max CVSS
10.0
EPSS Score
3.12%
Published
2009-12-03
Updated
2009-12-04
Unspecified vulnerability in the Portal in HP Operations Dashboard 2.1 on Windows Server 2003 SP2 allows remote attackers to have an unknown impact, related to a "Remote exploit," as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
Max CVSS
10.0
EPSS Score
0.44%
Published
2009-09-08
Updated
2019-02-26
2 vulnerabilities found