Attack (Attack ID:320542)

Release Date2017-09-26

Attack NameWEB-OTHER HPE Intelligent Management Center Apache Commons Collections (ACC) library Insecure Deserialization (CVE-2016-4372)

Severity

BUG ID

CVE ID

 

Description

An remote attackers can execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library in HPE Intelligent Management Center.
Impact: Remote code execution
Affected System: Windows
Additional References: CVE-2016-4372; EDB:42756; BID:91739

 

Solution

Update vendor's patch.