Executive Summary

Summary
Title HP Business Service Management 9.12 remote code execution vulnerability
Informations
Name VU#859230 First vendor Publication 2012-05-16
Vendor VU-CERT Last vendor Modification 2012-05-16
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#859230

HP Business Service Management 9.12 remote code execution vulnerability

Original Release date: 16 May 2012 | Last revised: 16 May 2012

Overview

The HP Business Service Management (HPBSM) application contains a remote code execution vulnerability. Version 9.12 has been reported to be affected but other versions may also be affected.

Description

HPBSM uses the JBOSS application server. In the default configuration, HPBSM contains open ports that may be accessed by an unauthenticated attacker. The attacker can upload a jsp-shell as a .war file and have the JBOSS application server deploy it as a service. In the default configuration, this attacker shell will run with SYSTEM privileges.

Impact

An unauthenticated attacker may be able to deploy a backdoor shell with SYSTEM privileges.

Solution

We are currently unaware of a practical solution to this problem. Please consider the following workarounds.

Restrict Access

Implement appropriate firewall rules to block traffic from untrusted sources to TCP ports 4444, 1098, and 1099.

Vendor Information

VendorStatusDate NotifiedDate Updated
Hewlett-Packard CompanyAffected02 Apr 201216 May 2012

CVSS Metrics (Learn More)

GroupScoreVector
Base10.0AV:N/AC:L/Au:N/C:C/I:C/A:C
Temporal9.0E:H/RL:U/RC:UC
Environmental9.0CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND

References

  • http://www8.hp.com/us/en/software/software-solution.html?compURI=tcm:245-937035

Credit

Thanks to David Elze of Daimler TSS for reporting this vulnerability.

This document was written by Jared Allar.

Other Information

  • CVE IDs:CVE-2012-2561
  • Date Public:16 May 2012
  • Date First Published:16 May 2012
  • Date Last Updated:16 May 2012
  • Document Revision:17

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

This product is provided subject to the Notification as indicated here: http://www.us-cert.gov/legal.html#notify

Original Source

Url : http://www.kb.cert.org/vuls/id/859230

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1