Arbitrary Command Execution in HPE Vertica Analytics Management Console (ZDI-CAN-3417)
CVE-2016-2002 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1.x before 7.1.2-12, and 7.2.x before 7.2.2-1 allows remote attackers to execute arbitrary commands via the mcPort parameter, aka ZDI-CAN-3417.
Learn more about our Web Application Penetration Testing UK.