Executive Summary

Title HP Performance Agent and HP Operations Agent, Remote Arbitrary File Deletion
Name HPSBMU02691 SSRT100483 First vendor Publication 2011-07-27
Vendor HP Last vendor Modification 2011-07-27
Severity (Vendor) N/A Revision 2

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:P)
Cvss Base Score 6.4 Attack Range Network
Cvss Impact Score 4.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores


A potential security vulnerability has been identified in HP Performance Agent and HP Operations Agent. The vulnerability can be exploited by remote unauthenticated users to delete arbitrary files.

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02941034

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-20 Improper Input Validation

CPE : Common Platform Enumeration

Application 2
Application 7

Open Source Vulnerability Database (OSVDB)

Id Description
73502 HP Operations Manager OV Communication Broker (ovbbccb.exe) Register Request ...

Information Assurance Vulnerability Management (IAVM)

Date Description
2011-08-04 IAVM : 2011-B-0091 - HP Operations Manager Arbitrary File Deletion Vulnerability
Severity : Category I - VMSKEY : V0029567

Nessus® Vulnerability Scanner

Date Description
2013-09-27 Name : The remote web server has an arbitrary file deletion vulnerability.
File : hp_openview_bbc_file_deletion.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
Date Informations
2013-11-11 12:41:00
  • Multiple Updates