HP SiteScope SOAP Call getFileInternal Remote Code Execution Vulnerability
Gravedad: Crítico
Fecha recomendada: 21 de julio de 2015
Descripción
HP SiteScope is prone to multiple security-bypass vulnerabilities. Successful exploits may allow attackers to bypass the bypass security restrictions and to perform unauthorized actions such as execution of arbitrary code in the context of the application.
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1005257
Trend Micro Deep Security DPI Rule Name: 1005257 - HP SiteScope APISiteScopeImpl Web Service 'getFileInternal' Or 'getSiteScopeConfiguration' Request Detected
Software y versión afectados
- HP SiteScope