Arbitrary Command Execution Vulnerability in HP Network Automation Software

Arbitrary Command Execution Vulnerability in HP Network Automation Software

CVE-2016-4385 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries.

Learn more about our Cis Benchmark Audit For Apache Http Server.