Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	APP:HPE-NA-RMI-DESER
Severity	Major
Recommended	Yes
Recommended Action	Drop
Category	APP
Keywords	HPE Network Automation RMI Registry Insecure Deserialization
Release Date	2016/10/06
Update Number	2784
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

APP: HPE Network Automation RMI Registry Insecure Deserialization

This signature detects attempts to exploit a known vulnerability in the RMI registry of HPE Network Automation. Successful exploitation would result in the execution of arbitrary code under the context of the RMI registry process.

Extended Description

The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries.

Affected Products

Hp network_automation 10.00
Hp network_automation 10.00.01
Hp network_automation 10.00.02
Hp network_automation 10.10
Hp network_automation 10.11
Hp network_automation 9.10
Hp network_automation 9.20
Hp network_automation 9.22
Hp network_automation 9.22.01
Hp network_automation 9.22.02

References

CVE: CVE-2016-4385

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

APP: HPE Network Automation RMI Registry Insecure Deserialization

Extended Description

Affected Products

References