{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-09-09T00:00:00", "descriptions": [{"lang": "en", "value": "HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet, aka ZDI-CAN-1760. NOTE: this is probably a duplicate of CVE-2007-1036, CVE-2010-0738, and/or CVE-2012-0874."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-04T09:57:01", "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp"}, "references": [{"name": "HPSBPV02918", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03897409"}, {"name": "28713", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/28713/"}, {"name": "SSRT101127", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03897409"}, {"tags": ["x_refsource_MISC"], "url": "http://zerodayinitiative.com/advisories/ZDI-13-229/"}, {"name": "HPSBGN03323", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=143039425503668&w=2"}, {"name": "1029010", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1029010"}, {"name": "HPSBGN02952", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=138696448823753&w=2"}, {"name": "54788", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/54788"}, {"name": "SSRT102036", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=143039425503668&w=2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "hp-security-alert@hp.com", "ID": "CVE-2013-4810", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet, aka ZDI-CAN-1760. NOTE: this is probably a duplicate of CVE-2007-1036, CVE-2010-0738, and/or CVE-2012-0874."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "HPSBPV02918", "refsource": "HP", "url": "http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03897409"}, {"name": "28713", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/28713/"}, {"name": "SSRT101127", "refsource": "HP", "url": "http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03897409"}, {"name": "http://zerodayinitiative.com/advisories/ZDI-13-229/", "refsource": "MISC", "url": "http://zerodayinitiative.com/advisories/ZDI-13-229/"}, {"name": "HPSBGN03323", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=143039425503668&w=2"}, {"name": "1029010", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1029010"}, {"name": "HPSBGN02952", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=138696448823753&w=2"}, {"name": "54788", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54788"}, {"name": "SSRT102036", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=143039425503668&w=2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T16:52:27.256Z"}, "title": "CVE Program Container", "references": [{"name": "HPSBPV02918", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03897409"}, {"name": "28713", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/28713/"}, {"name": "SSRT101127", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03897409"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://zerodayinitiative.com/advisories/ZDI-13-229/"}, {"name": "HPSBGN03323", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=143039425503668&w=2"}, {"name": "1029010", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1029010"}, {"name": "HPSBGN02952", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=138696448823753&w=2"}, {"name": "54788", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/54788"}, {"name": "SSRT102036", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=143039425503668&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "assignerShortName": "hp", "cveId": "CVE-2013-4810", "datePublished": "2013-09-13T18:00:00", "dateReserved": "2013-07-12T00:00:00", "dateUpdated": "2024-08-06T16:52:27.256Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"cisaActionDue": "2022-04-15", "cisaExploitAdd": "2022-03-25", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "HP Multiple Products Remote Code Execution Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hp:application_lifecycle_management:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5B01474-2B07-4448-8265-6F3189697B5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:identity_driven_manager:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9E53CBFD-1B02-4536-A969-3088C478F76C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:procurve_manager:3.20:*:*:*:*:*:*:*", "matchCriteriaId": "07C125F5-3219-479F-8532-51043CADF585", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:procurve_manager:3.20:*:*:*:*:plus:*:*", "matchCriteriaId": "3F072161-6C3C-4509-8857-EDD535F40ADE", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:procurve_manager:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "079151A1-D257-43EE-B1BB-80405AEE5501", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:procurve_manager:4.0:*:*:*:*:plus:*:*", "matchCriteriaId": "6A81C312-DAC2-48AB-AD87-0CD64D3088A1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet, aka ZDI-CAN-1760. NOTE: this is probably a duplicate of CVE-2007-1036, CVE-2010-0738, and/or CVE-2012-0874."}, {"lang": "es", "value": "HP ProCurve Manager (PCM) 3.20 y 4.0, PCM+ 3.20 y 4.0, Identity Driven Manager (IDM) 4.0 y Application Lifecycle Managemen permiten a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un objeto marshalizado a (1) EJBInvokerServlet o (2) JMXInvokerServlet, tambi\u00e9n conocido como ZDI-CAN-1760. NOTA: esto es probablemente un duplicado de CVE-2007-1036, CVE-2010-0738 y/o CVE-2012-0874."}], "id": "CVE-2013-4810", "lastModified": "2024-07-16T17:56:56.137", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2013-09-16T13:01:46.207", "references": [{"source": "hp-security-alert@hp.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03897409"}, {"source": "hp-security-alert@hp.com", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=138696448823753&w=2"}, {"source": "hp-security-alert@hp.com", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=143039425503668&w=2"}, {"source": "hp-security-alert@hp.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/54788"}, {"source": "hp-security-alert@hp.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1029010"}, {"source": "hp-security-alert@hp.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://zerodayinitiative.com/advisories/ZDI-13-229/"}, {"source": "hp-security-alert@hp.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/28713/"}], "sourceIdentifier": "hp-security-alert@hp.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "(PCM): invoker servlets do not require authentication", "id": "1031829", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1031829"}, "csaw": false, "cvss": {"cvss_base_score": "10.0", "cvss_scoring_vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "status": "draft"}, "details": ["HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet, aka ZDI-CAN-1760. NOTE: this is probably a duplicate of CVE-2007-1036, CVE-2010-0738, and/or CVE-2012-0874."], "name": "CVE-2013-4810", "package_state": [{"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1", "fix_state": "Not affected", "package_name": "unknown", "product_name": "Red Hat JBoss Enterprise Web Server 1"}], "public_date": "2013-09-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-4810\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-4810\nhttps://access.redhat.com/site/articles/545183\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "statement": "CVE-2013-4810 refers to the exposure of unauthenticated JMXInvokerServlet and EJBInvokerServlet interfaces on HP ProCurve Manager (PCM). These servlets are also, however, exposed without authentication on older, unsupported community releases of JBoss AS (WildFly) 4.x and 5.x.\nAll supported Red Hat JBoss products that include the JMXInvokerServlet and EJBInvokerServlet interfaces apply authentication by default and are not affected by this issue. \nCommunity releases of JBoss AS (WildFly) 7.x are also not affected by this issue.\nUsers of older, unsupported community releases of JBoss AS (WildFly) are advised to follow the instructions available here to apply authentication to the invoker servlet interfaces:\nhttps://community.jboss.org/wiki/SecureJboss/\nNote: Red Hat has been aware of this issue since 2012, as identified in CVE-2012-0874, and addressed the issue for supported Red Hat JBoss products based on JBoss AS 4.x and 5.x.", "threat_severity": "Critical"}