CVE-2016-4385 HPE Network Automation Java Deserialization Vulnerability (HPSBGN03649)

漏洞类别:Local

漏洞等级:

漏洞信息

HPE Network Automation software automates network configuration and change management (NCCM) from provisioning to policy-based change and security.

HPE Network Automation is affected by a Java object deserialization vulnerability in Apache Commons-Collections and Commons-BeanUtils library which can be exploited remotely allowing remote code execution.

Affected Versions:
HPE Network Automation 9.1x, 9.2x
HPE Network Automation 10.0x prior to 10.00.02.01
HPE Network Automation 10.1x prior to 10.11.00.01

QID detection logic (Authenticated):
Operating Systems: Windows
The QID checks the key “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HPE Network Automation” value “DisplayVersion”.
The following Versions and Interim Fixes checked (HPSBGN03649):
HPE Network Automation 9.1x, 9.2x
HPE Network Automation 10.0x prior to 10.00.02.01
HPE Network Automation 10.1x prior to 10.11.00.01

漏洞危害

Successful exploitation of the vulnerability will lead to remote code execution.

解决方案

The vendor has released a fix. Refer to HPSBGN03649 for details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

HPSBGN03649

Leave a Reply