← back
CVE-2012-2561

CVE-2012-2561

EPSS 8.7%
HP Business Service Management (BSM) 9.12 does not properly restrict the uploading of .war files, which allows remote attackers to execute arbitrary JSP code within the JBOSS Application Server component via a crafted request to TCP port 1098, 1099, or 4444.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=bugtraq&m=134013352316810&w=2http://osvdb.org/81981http://secunia.com/advisories/49218http://www.kb.cert.org/vuls/id/859230http://www.securityfocus.com/bid/53556http://www.securitytracker.com/id?1027075