Arbitrary Command Execution in HPE Network Node Manager i (NNMi) via Serialized Java Object

CVE-2016-2009 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.

Learn more about our Cis Benchmark Audit For Apache Http Server.