CyberSec.Space Logo
返回 CVE 浏览器

CVE-2010-0447

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0870%
EPSS Percentile41.66th
Published2010年3月10日
Last Modified2026年4月29日

Vulnerability Description

The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document.

Affected Platforms (CPE)

📦
Hp

Openview Performance Insight

<= 5.4

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=126815897824020&w=2
🔗 http://osvdb.org/62797
🔗 http://secunia.com/advisories/38899
🔗 http://www.securityfocus.com/archive/1/509984/100/0/threaded
🔗 http://www.securityfocus.com/bid/38611
🔗 http://www.vupen.com/english/advisories/2010/0555
🔗 http://www.zerodayinitiative.com/advisories/ZDI-10-026
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/56757

相关漏洞威胁

CVE-2011-027610.0

HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUs...

CVE-2011-24076.4

Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers ...

CVE-2011-24104.3

Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows re...

CVE-2011-24063.5

Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows re...