CVE-2014-2609

Published: Jun 19, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

SSRT101436

vendor-advisory

x_refsource_HP

59363

third-party-advisory

x_refsource_SECUNIA

http://zerodayinitiative.com/advisories/ZDI-14-208/

x_refsource_MISC

68093

vdb-entry

x_refsource_BID

1030439

vdb-entry

x_refsource_SECTRACK

HPSBMU03048

vendor-advisory

x_refsource_HP

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-2609

Description

Affected Products

References