HP.Data.Protector.Client.EXEC_SETUP.Remote.Code.Execution
Description
This indicates an attack attempt against a remote code execution vulnerability in HP Data Protector Client.
The vulnerability is caused by a design weakness in the processing of the EXEC_SETUP messages. It allows an attacker to execute arbitrary code by sending a crafted command to the target service.
Affected Products
HP OpenView Storage Data Protector 5.5
HP OpenView Storage Data Protector 6.11
HP OpenView Storage Data Protector 6.10
HP OpenView Storage Data Protector 6.1
HP OpenView Storage Data Protector 6.0
HP OpenView Storage Data Protector 5.1
HP Data Protector Manager A.06.11
HP Data Protector Manager 6.11
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Currently we are not aware of any vendor supplied patch for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |