HP.Data.Protector.Client.EXEC_SETUP.Remote.Code.Execution

description-logoDescription

This indicates an attack attempt against a remote code execution vulnerability in HP Data Protector Client.
The vulnerability is caused by a design weakness in the processing of the EXEC_SETUP messages. It allows an attacker to execute arbitrary code by sending a crafted command to the target service.

affected-products-logoAffected Products

HP OpenView Storage Data Protector 5.5
HP OpenView Storage Data Protector 6.11
HP OpenView Storage Data Protector 6.10
HP OpenView Storage Data Protector 6.1
HP OpenView Storage Data Protector 6.0
HP OpenView Storage Data Protector 5.1
HP Data Protector Manager A.06.11
HP Data Protector Manager 6.11

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)