HP Business Service Management CVE-2012-2561 Remote Code Execution Vulnerability

Bugtraq ID:	53556
Class:	Input Validation Error
CVE:	CVE-2012-2561
Remote:	Yes
Local:	No
Published:	May 16 2012 12:00AM
Updated:	Jun 26 2012 05:50PM
Credit:	David Elze
Vulnerable:	HP Business Service Management 9.12
Not Vulnerable:

HP Business Service Management CVE-2012-2561 Remote Code Execution Vulnerability

HP Business Service Management is prone to a remote code-execution vulnerability.

Successfully exploiting this issue allows a remote attacker to execute arbitrary code with SYSTEM privileges, resulting in a complete compromise of the affected computer.

HP Business Service Management 9.12 is vulnerable; other versions may also be affected.

HP Business Service Management CVE-2012-2561 Remote Code Execution Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

HP Business Service Management CVE-2012-2561 Remote Code Execution Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

HP Business Service Management CVE-2012-2561 Remote Code Execution Vulnerability

References:

• HP Business Service Management Homepage (HP)
  
• Vulnerability Note VU#859230 HP Business Service Management 9.12 remote code exe (US-CERT)