HIGH🇵🇱 Wersja polska

CVE-2013-4813

CVSS 10.0v2.0pub. 2013-09-16upd. 2026-04-29

The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745.

CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • HP Identity Driven Manager

    APP
    Hp
    4.0
  • HP Procurve Manager

    APP
    Hp
    3.204.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2013-4810CRITICAL9.8⚠ KEVten sam produkt

HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application ...

CVE-2013-4809HIGH7.5ten sam produkt

Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.2...

CVE-2013-4811HIGH10.0ten sam produkt

UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ ...

CVE-2013-4812HIGH10.0ten sam produkt

UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20...

CVE-2007-4514MEDIUM5.0ten sam produkt

Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manager Plus 2.3 and earlier allows remote at...