HP.PCM.SNAC.UpdateDomainControllerServlet.File.Upload
Description
This indicates an attack attempt against an Arbitrary File Upload vulnerability in HP ProCurve Manager.
The vulnerability is caused by insufficient sanitizing of user-uploaded files when handling an unauthenticated file upload. It allows a remote attacker to upload an arbitrary file onto vulnerable systems.
Affected Products
HP ProCurve Manager 3.20 and 4.0
HP ProCurve Manager Plus 3.20 and 4.0
HP Identity Driven Manager 4.0
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03897409
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-04-13 | 18.057 | Sig Added |