10.10

CVSS 8.5 - HIGH

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

SINGLE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

NVD

Published: 2014-04-19

Updated: 2019-10-09

Summary

Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 10.01 and 10.10 allows remote authenticated users to execute arbitrary code via unknown vectors, aka ZDI-CAN-1977.

Vulnerable Configurations

Part	Description	Count
Application	Hp HP Universal Configuration Management Database 10.01 HP Universal Configuration Management Database 10.10	2

Seebug

bulletinFamily	exploit
description	Bugtraq ID:66963 CVE ID:CVE-2013-6215 HP Universal Configuration Management Database是惠普公司的统一配置管理数据库应用。 HP Universal Configuration Management Database存在一个未明安全漏洞，允许远程攻击者利用漏洞以应用程序上下文执行任意代码。 0 HP Universal Configuration Management Database Integration Service v10.01 HP Universal Configuration Management Database Integration Service v10.10 目前厂商已经发布了升级补丁以修复漏洞，请下载使用： HP Universal Configuration Management Database Integration Service v10.01 http://support.openview.hp.com/selfsolve/document/KM00692874 HP Universal Configuration Management Database Integration Service v10.10 http://support.openview.hp.com/selfsolve/document/KM00759032
id	SSV:62233
last seen	2017-11-19
modified	2014-04-21
published	2014-04-21
reporter	Root
title	HP Universal Configuration Management Database远程代码执行漏洞

References

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04219959