HP Operations Manager Remote Code Execution Vulnerability in CVE-2014-2649)
Release date: 2014-10-08
Updated on:
Affected Systems:
HP Operations Manager
Description:
Bugtraq id: 70353
CVE (CAN) ID: CVE-2014-2649
HP Operations Orchestration is an automated O & M manual platform that automates the change and deployment of client devices and data center infrastructure.
HP Operations Manager 9.10 and 9.11 have a code execution vulnerability. Attackers can exploit this vulnerability to execute arbitrary code in the context of the affected application.
<* Source: vendor
Https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay? DocId = emr_na-c04472866
*>
Suggestion:
Vendor patch:
HP
--
HP has released a Security Bulletin (HPSBMU03127) and corresponding patches for this:
HPSBMU03127: HP Operations Manager for UNIX, Remote Code Execution
Https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay? DocId = emr_na-c04472866
OMHPUX_00004
Https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
Etse
Arch/document/KM01188205
ITOSOL_00802
Https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
Etse
Arch/document/KM01187924
OML_00080
Https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
Etse
Arch/document/KM01187666
9.11.120 Java UI patches: Component
Download Location
OMHPUX_00005
Https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
Etse
Arch/document/KM01187192
ITOSOL_00803
Https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
Etse
Arch/document/KM01187435
OML_00081
Https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
Etse
Arch/document/KM01188103
9.20.300 server patches: Component
Download Location
OMHPUX_00006
Https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
Etse
Arch/document/KM01188207
ITOSOL_00804
Https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
Etse
Arch/document/KM01188065
OML_00082
Https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
Etse
Arch/document/KM01188209
This article permanently updates the link address: