HP.PCM.SNAC.UpdateDomainControllerServlet.File.Upload

description-logoDescription

This indicates an attack attempt against an Arbitrary File Upload vulnerability in HP ProCurve Manager.
The vulnerability is caused by insufficient sanitizing of user-uploaded files when handling an unauthenticated file upload. It allows a remote attacker to upload an arbitrary file onto vulnerable systems.

affected-products-logoAffected Products

HP ProCurve Manager 3.20 and 4.0
HP ProCurve Manager Plus 3.20 and 4.0
HP Identity Driven Manager 4.0

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03897409

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-04-13 18.057 Sig Added