Remote code execution in HP Operations Manager for Linux



Risk Critical
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2016-4373
CWE-ID CWE-119
Exploitation vector Network
Public exploit N/A
Vulnerable software
HP Operations Manager for Linux
Other

HP Operations Manager for Solaris
Other

HP Operations Manager for Unix
Other

Vendor Hewlett Packard Enterprise Development LP

Security Bulletin

This security bulletin contains one critical risk vulnerability.

1) Remote code execution

EUVDB-ID: #VU214

Risk: Critical

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Red]

CVE-ID: CVE-2016-4373

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists in HP Operations Manager for Unix, Solaris, and Linux using Apache Commons Collections (ACC). A remote unauthenticated attacker can cause a remote code execution.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Download the HP OM 9.21.130 patch at:

https://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facetsearch/document/KM322544?...

Vulnerable software versions

HP Operations Manager for Linux: 9.20 - 9.21

HP Operations Manager for Solaris: 9.20 - 9.21

HP Operations Manager for Unix: 9.20 - 9.21

CPE2.3 External links

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05206507


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###