HP.OVPI.Helpmanager.Servlet.Remote.Code.Execution

description-logoDescription

This indicates a possible attack against a remote command-execution vulnerability in HP OpenView Performance Insight.
The vulnerability is due the application's failure to sufficiently check user input. An attacker may exploit this to upload arbitrary .jsp files which may be executed remotely.

affected-products-logoAffected Products

HP OpenView Performance Insight 5.1.2
HP OpenView Performance Insight 5.1.1
HP OpenView Performance Insight 5.4
HP OpenView Performance Insight 5.2
HP OpenView Performance Insight 5.1
HP OpenView Performance Insight 5.0
HP Performance Insight 5.4
HP Performance Insight 5.3

Impact logoImpact

System compromise

recomended-action-logoRecommended Actions

Apply the update released by the vendor:
https://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02033170

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)