The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of HPE Application Performance Management

vulnerability note CVE-2012-2561

HP Business Service Management: code execution via WAR

Synthesis of the vulnerability

A remote attacker can deploy a WAR application in HP Business Service Management, in order to execute code with system privileges.
Impacted products: HPE BSM.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: intranet client.
Confidence: confirmed by the editor (5/5).
Creation date: 21/05/2012.
Identifiers: BID-53556, c03377648, CVE-2012-2561, HPSBMU02792, SSRT100820, VIGILANCE-VUL-11634, VU#859230.

Description of the vulnerability

The HP Business Service Management product uses the JBoss Application Server product.

However, the configuration of JBoss is not secured, and allows the deployment of WAR archives. An attacker can thus deploy a malicious jsp-shell on the server.

A remote attacker can therefore deploy a WAR application in HP Business Service Management, in order to execute code with system privileges.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability note CVE-2011-0274

HP BAC, BSM: Cross Site Scripting

Synthesis of the vulnerability

An attacker can generate a Cross Site Scripting in HP Business Availability Center and HP Business Service Management.
Impacted products: HPE BAC, HPE BSM.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 21/01/2011.
Identifiers: BID-45944, c02678501, CERTA-2011-AVI-035, CVE-2011-0274, HPSBMA02622, SSRT100342, VIGILANCE-VUL-10289.

Description of the vulnerability

The HP BAC (Business Availability Center) and HP BSM (Business Service Management) products can be used to administer a service.

An attacker can generate a Cross Site Scripting in HP Business Availability Center and HP Business Service Management.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability bulletin CVE-2010-0738 CVE-2010-1428 CVE-2010-1429

JBoss Enterprise Application Platform: three vulnerabilities

Synthesis of the vulnerability

An attacker can use three vulnerabilities of JBoss Enterprise Application Platform, in order to access to the console or to obtain sensitive information.
Impacted products: ControlMinder, HPE BAC, HPE BSM, HPE NNMi, Junos Space, Junos Space Network Management Platform, RHEL, JBoss EAP by Red Hat.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, data reading.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 27/04/2010.
Identifiers: BID-39710, c03057508, c03127140, c03824583, CA20130213-01, CERTA-2013-AVI-440, CVE-2010-0738, CVE-2010-1428, CVE-2010-1429, HPSBMU02714, HPSBMU02736, HPSBMU02894, RHSA-2010:0376-01, RHSA-2010:0377-01, RHSA-2010:0378-01, RHSA-2010:0379-01, SSRT100244, SSRT100699, VIGILANCE-VUL-9613.

Description of the vulnerability

Three vulnerabilities were announced in JBoss Enterprise Application Platform.

An attacker can use an HTTP query different from GET/POST in order to access to the JMX Console. [severity:3/4; CVE-2010-0738]

An attacker can use an HTTP query different from GET/POST in order to access to the Web Console (/web-console). [severity:3/4; CVE-2010-1428]

An attacker can access to the status servlet, in order to obtain sensitive information. [severity:2/4; CVE-2010-1429]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability bulletin CVE-2004-2320 CVE-2005-3398

Utilisation de la méthode TRACE en complément d'une attaque Cross Site Scripting

Synthesis of the vulnerability

La méthode HTTP TRACE permet d'obtenir des compléments d'informations suite à une attaque de type Cross Site Scripting.
Impacted products: Apache httpd, HPE BSM, HP-UX, Domino, IIS, IE, Oracle iPlanet Web Server, Solaris, Trusted Solaris, WebLogic, HTTP protocol, Sun AS.
Severity: 1/4.
Consequences: client access/rights.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 23/01/2003.
Revisions dates: 24/01/2003, 27/01/2003, 13/02/2003, 05/05/2003, 08/09/2003, 27/01/2004, 04/11/2004.
Identifiers: 101176, 102016, 1201202, 200171, 200942, 5063481, 5090761, BEA04-48.00, BEA-048, BID-11604, BID-15222, BID-9506, BID-9561, c00612828, CVE-2004-2320, CVE-2005-3398, HP279, HPSBUX02101, KM03235847, SSRT051128, Sun Alert 50603, Sun Alert 57670, Sun Alert ID 50603, Sun Alert ID 57670, Sun BugID 4808654, Sun BugID 5063481, V6-XSSTRACING, VIGILANCE-VUL-3278, VU#867593.

Description of the vulnerability

Le protocole HTTP définit plusieurs méthodes :
 - HEAD : obtention des entêtes
 - GET : obtention d'un document
 - TRACE : écho des données reçues par le serveur
 - etc.

Certaines informations sensibles, comme les cookies ou les authentifications basiques, sont envoyées dans les entêtes HTTP. La méthode TRACE les re-envoie donc vers le client.

Les vulnérabilités de type Cross Site Scripting permettent de faire exécuter du code dans le contexte d'un serveur web.

Lorsqu'un attaquant emploie une vulnérabilité de type Cross Site Scripting, il peut donc mener une requête TRACE vers le serveur.

Cette vulnérabilité permet ainsi à un attaquant d'obtenir des informations complémentaires suite à une attaque Cross Site Scripting.
Complete Vigil@nce bulletin.... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about HPE Application Performance Management: