Lucene search
Jacob BainesTenable Network SecurityZDI-16-616HistoryNov 30, 2016 - 12:00 a.m.
Hewlett Packard Enterprise Network Automation RPCServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability
2016-11-3000:00:00
Jacob BainesTenable Network Security
www.zerodayinitiative.com
40
EPSS
0.209
Percentile
96.5%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Network Automation. Authentication is not required to exploit this vulnerability. The specific flaw exists within the exposed RPCServlet. By sending a crafted request, the application can be made to deserialize untrusted data. An attacker can leverage this vulnerability to execute arbitrary code under the context of the process.
Related
checkpoint_advisories
checkpoint_advisories
HPE Network Automation RPCServlet Insecure Deserialization (CVE-2016-8511)
2016-12-18 00:00:00
openvas
openvas
HP Network Automation RCE Vulnerability (HPSBGN03677)
2016-12-01 00:00:00
nvd
nvd
CVE-2016-8511
2018-02-15 22:29:00
nessus
nessus
HP Network Automation RPCServlet Java Object Deserialization RCE
2016-12-09 00:00:00
prion
prion
Remote code execution
2018-02-15 22:29:00
cvelist
cvelist
CVE-2016-8511
2018-02-15 22:00:00
cve
cve
CVE-2016-8511
2018-02-15 22:29:00