Vulnerabilities > CVE-2014-2607 - Remote Code Execution vulnerability in HP Operations Manager i

CVSS 8.5 - HIGH

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

SINGLE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

nessus

NVD

Published: 2014-05-26

Updated: 2019-10-09

Summary

Unspecified vulnerability in HP Operations Manager i 9.1 through 9.13 and 9.2 through 9.24 allows remote authenticated users to execute arbitrary code by leveraging the OMi operator role.

Vulnerable Configurations

Part	Description	Count
Application	Hp HP Operations Manager I 9.1 HP Operations Manager I 9.2 HP Operations Manager I 9.12 HP Operations Manager I 9.13 HP Operations Manager I 9.23 HP Operations Manager I 9.24	6

Nessus

NASL family	Windows
NASL id	HP_OPS_MANAGERI_HPSBMU03042.NASL
description	The HP Operations Manager i (OMi) installed on the remote host is version 9.1 or 9.2. It is, therefore, affected by an unspecified code execution vulnerability that allows an authenticated, remote attacker to execute arbitrary code by leveraging the OMi operator role.
last seen	2020-06-01
modified	2020-06-02
plugin id	74253
published	2014-05-30
reporter	This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/74253
title	HP Operations Manager i (OMi) 9.1 / 9.2 RCE

References

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04296442