Published: 02/02/2011 Updated: 10/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote malicious users to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hp openview performance insight 5.2
hp openview performance insight 5.3
hp openview performance insight 5.4
hp openview performance insight 5.31
hp openview performance insight 5.41

## # $Id: hp_openview_insight_backdoorrb 11969 2011-03-15 21:56:11Z swtornio $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require ' ...

NVD-CWE-Other http://www.securitytracker.com/id?1025014 http://www.vupen.com/english/advisories/2011/0258 http://www.zerodayinitiative.com/advisories/ZDI-11-034 http://www.securityfocus.com/bid/46079 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453 http://secunia.com/advisories/43145 http://osvdb.org/70754 http://www.exploit-db.com/exploits/16984 http://securityreason.com/securityalert/8136 https://exchange.xforce.ibmcloud.com/vulnerabilities/65038 http://www.securityfocus.com/archive/1/516093/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/16984/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-0276

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect