CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-2561

HP Business Service Management (BSM) 9.12 does not properly restrict the uploading of .war files, which allows remote attackers to execute arbitrary JSP code within the JBOSS Application Server component via a crafted request to TCP port 1098, 1099, or 4444.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.043

EPSS Ranking 88.3%

CVSS Severity

CVSS v2 Score 10.0

References

http://marc.info/?l=bugtraq&m=134013352316810&w=2
http://marc.info/?l=bugtraq&m=134013352316810&w=2
http://osvdb.org/81981
http://secunia.com/advisories/49218
http://www.kb.cert.org/vuls/id/859230
http://www.securityfocus.com/bid/53556
http://www.securitytracker.com/id?1027075
http://marc.info/?l=bugtraq&m=134013352316810&w=2
http://marc.info/?l=bugtraq&m=134013352316810&w=2
http://osvdb.org/81981
http://secunia.com/advisories/49218
http://www.kb.cert.org/vuls/id/859230
http://www.securityfocus.com/bid/53556
http://www.securitytracker.com/id?1027075

Products affected by CVE-2012-2561

Hp » Business Service Management » Version: 9.12

cpe:2.3:a:hp:business_service_management:9.12

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-2561

Products

Pricing

Contact Us