The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote malicious users to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hp executive scorecard 9.40 |
||
hp executive scorecard 9.41 |