HP Operations Manager for Windows 8.x and 9.0 Java Object Deserialization RCE

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a remote code execution vulnerability.

Description :

The HP Operations Manager installation on the remote host includes the
Sam Admin Adapter package. HP no longer supports this package, and it is
affected by a remote code execution vulnerability: it deserializes Java
objects received from unauthenticated clients without validation, and
the bundled Apache Commons Collections (ACC) library supplies the gadget
classes needed to turn that deserialization into code execution. An
unauthenticated, remote attacker can exploit this by sending a crafted
SOAP request to execute arbitrary code on the target host.
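
The description above says the adapter deserializes Java objects carried in SOAP requests. The following script is an added example, not part of the Tenable plugin or of HP's code: it inspects a request body for a Java serialization stream (raw, or base64-encoded inside the SOAP envelope), lists the classes the stream declares, and flags the Apache Commons Collections transformer classes used by the public gadget chains. The SOAP messages and the serialized stream are constructed for the example; the element names in the sample envelope are made up, and the class names checked are the well-known ACC gadget classes, not anything taken from this advisory.

```python
"""Flag SOAP/HTTP request bodies that carry a Java serialization stream and
list the classes it references, so traffic aimed at a deserialization
endpoint can be spotted before the server calls readObject()."""
import base64
import re
import struct

JAVA_STREAM_MAGIC = b"\xac\xed\x00\x05"   # STREAM_MAGIC + STREAM_VERSION
TC_OBJECT = 0x73
TC_CLASSDESC = 0x72
TC_ENDBLOCKDATA = 0x78
TC_NULL = 0x70
SC_SERIALIZABLE = 0x02

# Apache Commons Collections classes used by the well-known gadget chains
# (assumption: these are the usual suspects, not names from the advisory).
ACC_GADGET_CLASSES = {
    "org.apache.commons.collections.functors.InvokerTransformer",
    "org.apache.commons.collections.functors.ChainedTransformer",
    "org.apache.commons.collections.functors.ConstantTransformer",
    "org.apache.commons.collections.functors.InstantiateTransformer",
    "org.apache.commons.collections.map.LazyMap",
    "org.apache.commons.collections.map.TransformedMap",
}

# Java class name, optionally an object-array descriptor like "[Lfoo.Bar;".
CLASS_NAME_RE = re.compile(rb"^(?:\[+L)?[A-Za-z_$][\w$]*(?:\.[A-Za-z_$][\w$]*)*;?$")


def extract_streams(body: bytes) -> list:
    """Return every Java serialization stream in a request body, whether it
    is embedded raw or base64-encoded inside the SOAP XML text."""
    streams = []
    raw = body.find(JAVA_STREAM_MAGIC)
    if raw != -1:
        streams.append(body[raw:])
    # base64 of the 4-byte magic always begins "rO0AB"; grab each such run
    for m in re.finditer(rb"rO0AB[A-Za-z0-9+/=]*", body):
        chunk = m.group(0)
        try:
            decoded = base64.b64decode(chunk + b"=" * (-len(chunk) % 4))
        except ValueError:
            continue
        if decoded.startswith(JAVA_STREAM_MAGIC):
            streams.append(decoded)
    return streams


def referenced_classes(stream: bytes) -> list:
    """Heuristic scan (not a full grammar walk) for TC_CLASSDESC records:
    0x72, u16 name length, name bytes, then an 8-byte serialVersionUID."""
    names = []
    pos = stream.find(bytes([TC_CLASSDESC]))
    while pos != -1 and pos + 3 <= len(stream):
        (length,) = struct.unpack_from(">H", stream, pos + 1)
        name = stream[pos + 3 : pos + 3 + length]
        if (0 < length == len(name) and CLASS_NAME_RE.match(name)
                and pos + 3 + length + 8 <= len(stream)):
            names.append(name.decode("ascii"))
            pos = stream.find(bytes([TC_CLASSDESC]), pos + 3 + length + 8)
        else:
            pos = stream.find(bytes([TC_CLASSDESC]), pos + 1)
    return names


def assess(body: bytes) -> dict:
    """Summarise one request body: is there a stream, which classes does it
    name, and which of those are known ACC gadget classes."""
    streams = extract_streams(body)
    classes = []
    for stream in streams:
        for name in referenced_classes(stream):
            if name not in classes:
                classes.append(name)
    gadgets = sorted(c for c in classes if c in ACC_GADGET_CLASSES)
    return {"java_stream": bool(streams), "classes": classes, "acc_gadgets": gadgets}


def build_stream(class_names) -> bytes:
    """Constructed sample: a minimal stream of one field-less object per class.
    Each descriptor is TC_CLASSDESC, u16 length, name, 8-byte serialVersionUID
    (zeroed placeholder), flags, u16 field count, TC_ENDBLOCKDATA, TC_NULL."""
    out = bytearray(JAVA_STREAM_MAGIC)
    for name in class_names:
        enc = name.encode("ascii")
        out += bytes([TC_OBJECT, TC_CLASSDESC]) + struct.pack(">H", len(enc)) + enc
        out += b"\x00" * 8 + bytes([SC_SERIALIZABLE]) + struct.pack(">H", 0)
        out += bytes([TC_ENDBLOCKDATA, TC_NULL])
    return bytes(out)


# Constructed sample traffic (not captured from a real HP OM host).
SOAP_HEAD = (b'<?xml version="1.0"?><soapenv:Envelope '
             b'xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body>')
SOAP_TAIL = b"</soapenv:Body></soapenv:Envelope>"
BENIGN_SOAP = SOAP_HEAD + b"<getStatus><node>server01</node></getStatus>" + SOAP_TAIL
GADGET_STREAM = build_stream([
    "java.util.HashMap",
    "org.apache.commons.collections.functors.ChainedTransformer",
    "org.apache.commons.collections.functors.InvokerTransformer",
])
SUSPECT_SOAP = (SOAP_HEAD + b"<invoke><payload>" + base64.b64encode(GADGET_STREAM)
                + b"</payload></invoke>" + SOAP_TAIL)

if __name__ == "__main__":
    for label, body in (("benign", BENIGN_SOAP), ("suspect", SUSPECT_SOAP)):
        print(label, assess(body))
```

Run it over captured request bodies (for example, the POST bodies from a proxy log) rather than the constructed samples; any hit on `acc_gadgets` from an unauthenticated source is the pattern this plugin describes, and a bare `java_stream` hit on a SOAP endpoint is worth investigating even without a known gadget name.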

See also :

http://www.nessus.org/u?f33d8ea9

Solution :

Remove the Sam Admin Adapter package, which HP no longer supports.

Risk factor :

High / CVSS Base Score : 9.0
(CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 88562

Bugtraq ID: 82259

CVE ID: CVE-2016-1985
