Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:HPE-OO-DESERIALIZATION
Severity	Major
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	HPE Operations Orchestration central-remoting Insecure Deserialization
Release Date	2017/09/14
Update Number	2989
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: HPE Operations Orchestration central-remoting Insecure Deserialization

This signature detects attempts to exploit a known vulnerability in HPE Operations Orchestration. Successful exploitation could result in arbitrary code execution in the context of the application.

Extended Description

A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.

Affected Products

Hp operations_orchestration 10.70

References

CVE: CVE-2017-8994

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: HPE Operations Orchestration central-remoting Insecure Deserialization

Extended Description

Affected Products

References