Intrusion Prevention



This indicates an attack attempt to exploit a Command Injection vulnerability in HP Enterprise Vertica.
The vulnerability is caused by an improper validation of user supplied data when the vulnerable application handles a maliciously crafted request. An attacker can exploit this to execute arbitrary commands in the context of the vulnerable application via a crafted request.

Affected Products

HPE Vertica 7.0.x prior to
HPE Vertica 7.1.x prior to 7.1.2-12
HPE Vertica 7.2.x prior to 7.2.2-1


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor

CVE References