Vulnerability Description
The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Identity Driven Manager | 4.0 |
| Hp | Procurve Manager | 3.20 |
Related Weaknesses (CWE)
References
- http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?dVendor Advisory
- http://secunia.com/advisories/54788
- http://www.securitytracker.com/id/1029010
- http://zerodayinitiative.com/advisories/ZDI-13-228/
- http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?dVendor Advisory
- http://secunia.com/advisories/54788
- http://www.securitytracker.com/id/1029010
- http://zerodayinitiative.com/advisories/ZDI-13-228/
FAQ
What is CVE-2013-4813?
CVE-2013-4813 is a vulnerability with a CVSS score of 10.0 (HIGH). The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a ...
How severe is CVE-2013-4813?
CVE-2013-4813 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-4813?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Identity Driven Manager, Hp Procurve Manager.