HP SiteScope SOAP Call getFileInternal Remote Code Execution Vulnerability
危険度: 緊急
情報公開日: 7 21, 2015
概要
HP SiteScope is prone to multiple security-bypass vulnerabilities. Successful exploits may allow attackers to bypass the bypass security restrictions and to perform unauthorized actions such as execution of arbitrary code in the context of the application.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1005257
Trend Micro Deep Security DPI Rule Name: 1005257 - HP SiteScope APISiteScopeImpl Web Service 'getFileInternal' Or 'getSiteScopeConfiguration' Request Detected
影響を受けるソフトウェア
- HP SiteScope