CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
73.7%
The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Vendor | Product | Version | CPE |
---|---|---|---|
hp | operations_manager | * | cpe:2.3:a:hp:operations_manager:*:*:*:*:*:linux:*:* |
hp | operations_manager | * | cpe:2.3:a:hp:operations_manager:*:*:*:*:*:solaris:*:* |
hp | operations_manager | * | cpe:2.3:a:hp:operations_manager:*:*:*:*:*:unix:*:* |
hp | operations_manager | 9.20.0 | cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:linux:*:*:* |
hp | operations_manager | 9.20.0 | cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:solaris:*:*:* |
hp | operations_manager | 9.20.0 | cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:unix:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
73.7%