Main Vulnerability Database Vulnerabilities #VU41783

Input validation error in Universal Configuration Management Database - CVE-2013-6215

Published: April 20, 2014 / Updated: August 10, 2020

Vulnerability identifier: #VU41783

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2013-6215

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: HPE

Affected software:
Universal Configuration Management Database

Detailed vulnerability description

The vulnerability allows a remote #AU# to execute arbitrary code.

Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 10.01 and 10.10 allows remote authenticated users to execute arbitrary code via unknown vectors, aka ZDI-CAN-1977.

How to mitigate CVE-2013-6215

Install update from vendor's website.

Sources

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04219959

Input validation error in Universal Configuration Management Database - CVE-2013-6215

Detailed vulnerability description

How to mitigate CVE-2013-6215

Sources

Please verify you're human