This script is Copyright (C) 2016 Tenable Network Security, Inc.
A web application hosted on the remote web server is affected by a
remote code execution vulnerability.
The version of HP Intelligent Management Center (IMC) installed on the
remote Windows host is prior to 7.2. It is, therefore, affected by a
remote code execution vulnerability due to unsafe deserialize calls of
unauthenticated Java objects to the Apache Commons Collections (ACC)
library. An unauthenticated, remote attacker can exploit this, by
sending a crafted HTTP request, to execute arbitrary code on the
See also :
Upgrade to HP IMC version 7.2 E0403P04 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true