Skip to main content
CVE-2013-4810 CRITICAL POC KEV THREAT Emergency

HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

HP Code Injection RCE
NVD Exploit-DB VulDB
CVSS 3.1
9.8
EPSS
89.6%
Threat
7.6
CVE-2013-4811 CRITICAL POC THREAT Emergency

UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 83.5%.

HP RCE Identity Driven Manager Procurve Manager
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
83.5%
Threat
6.0
CVE-2013-4812 CRITICAL POC THREAT Emergency

UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 74.0%.

HP RCE Identity Driven Manager Procurve Manager
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
74.0%
Threat
5.7
CVE-2013-4813 CRITICAL Act Now

The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection HP RCE Identity Driven Manager Procurve Manager
NVD
CVSS 2.0
10.0
EPSS
6.4%
CVE-2013-5369 CRITICAL Act Now

IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM Code Injection RCE Spss Analytical Decision Management
NVD
CVSS 2.0
9.3
EPSS
8.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy