This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts of leveraging a path traversal vulnerability in the HP ProvCurve Manager SNAC which could lead to system compromise.
Procurve Manager (PCM) is a software for network management. Identity Driven Manager (IDM) is a plug-in to HP PCM+.
Multiple HP products are prone to a remote code-execution vulnerability that exist in the 'UpdateDomainControllerServlet' servlet. Specifically, this issue occurs because it fails to properly sanitize the 'adCert' argument. An attacker can exploit this issue to upload a specially crafted '.jsp' file.
Successfully exploiting this issue may allow an attacker to execute arbitrary code with SYSTEM privileges. Failed exploit attempts may result in a denial-of-service condition.
Note: This issue was previously discussed in BID 62301 (Multiple HP Products Multiple Unspecified Remote Security Vulnerabilities), but has been given its own record to better document it.
- Multiple HP products are prone to a remote code-execution vulnerability that exist in the 'UpdateDomainControllerServlet' servlet.