HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allows remote malicious users to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3098.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hp operations dashboard |