Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 APP:HP-DATA-CVE-2016-2004-RCE

Severity

 Minor

Recommended

 Yes

Recommended Action

 Drop

Category

 APP

Keywords

 HP Data Protector CVE-2016-2004 Arbitrary Command Execution

Release Date

 2017/03/29

Update Number

 2846

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

APP: HP Data Protector CVE-2016-2004 Arbitrary Command Execution


This signature detects attempts to exploit a known vulnerability against HP Data Protector. A successful attack can lead to arbitrary code execution.

Extended Description

HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2623.

Affected Products

  • Hp data_protector 7.0
  • Hp data_protector 7.03
  • Hp data_protector 8.0
  • Hp data_protector 8.14
  • Hp data_protector 9.0
  • Hp data_protector 9.05

References

  • CVE: CVE-2016-2004
  • URL: http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05085988

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out