HP SiteScope SOAP Call update Remote Code Execution Vulnerability
Severity: : Critical
Advisory Date: 21 lipca 2015
DESCRIPTION
HP SiteScope is prone to multiple security-bypass vulnerabilities. Successful exploits may allow attackers to bypass the bypass security restrictions and to perform unauthorized actions such as execution of arbitrary code in the context of the application.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1005233
Trend Micro Deep Security DPI Rule Name: 1005233 - HP SiteScope API Preferences Web Service Update Or Create Request Detected
AFFECTED SOFTWARE AND VERSION:
- HP SiteScope