Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2016-2004

Published: 21/04/2016 Updated: 12/07/2019
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 940
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Data Protector

Vulnerability Summary

HPE Data Protector prior to 7.03_108, 8.x prior to 8.15, and 9.x prior to 9.06 allow remote malicious users to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2623.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

hp data protector

Exploits

Exploit DB: HP Data Protector A.09.00 - Arbitrary Command Execution
#!/usr/bin/python # # Exploit Title: Data Protector Encrypted Communications # Date: 26-05-2016 # Exploit Author: Ian Lovering # Vendor Homepage: www8hpcom/uk/en/software-solutions/data-protector-backup-recovery-software/ # Version: A0900 and earlier # Tested on: Windows Server 2008 # CVE : CVE-2016-2004 # # This proof of concept demo ...
Exploit DB: HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)
# Exploit Title: Data Protector Encrypted Communications # Date: 26-05-2016 # Exploit Author: Ian Lovering # Vendor Homepage: www8hpcom/uk/en/software-solutions/data-protector-backup-recovery-software/ # Version: A0900 and earlier # Tested on: Windows Server 2008 # CVE : CVE-2016-2004 # ## # This module requires Metasploit: metas ...
Exploit DB: HP Data Protector A.09.00 Command Execution
HP Data Protector version A0900 suffers from an arbitrary command execution vulnerability ...

References

CWE-306http://www.kb.cert.org/vuls/id/267328https://www.exploit-db.com/exploits/39858/https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988http://packetstormsecurity.com/files/137341/HP-Data-Protector-Encrypted-Communication-Remote-Command-Execution.htmlhttps://www.exploit-db.com/exploits/39874/http://packetstormsecurity.com/files/137199/HP-Data-Protector-A.09.00-Command-Execution.htmlhttp://www.securitytracker.com/id/1035631https://nvd.nist.govhttps://www.exploit-db.com/exploits/39858/https://www.kb.cert.org/vuls/id/267328
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook