CyberSec.Space Logo
返回 CVE 浏览器

CVE-2009-4188

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1300%
EPSS Percentile28.95th
Published2009年12月3日
Last Modified2026年4月23日

Vulnerability Description

HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3098.

Affected Platforms (CPE)

📦
Hp

Operations Dashboard

All versions

References & Advisories

🔗 http://www.intevydis.com/blog/?p=87
🔗 http://www.securityfocus.com/bid/36258
🔗 http://www.intevydis.com/blog/?p=87
🔗 http://www.securityfocus.com/bid/36258

相关漏洞威胁

CVE-2009-309810.0

Unspecified vulnerability in the Portal in HP Operations Dashboard 2.1 on Windows Server 2003 SP2 allows remote attackers to have ...

CVE-2026-400899.9

Sonicverse is a Self-hosted Docker Compose stack for live radio streaming. The Sonicverse Radio Audio Streaming Stack dashboard co...

CVE-2020-73619.6

The EasyCorp ZenTao Pro application suffers from an OS command injection vulnerability in its '/pro/repo-create.html' component. A...

CVE-2021-214808.8

SAP MII allows users to create dashboards and save them as JSP through the SSCE (Self Service Composition Environment). An attacke...