What is CVE-2009-3843?

CVE-2009-3843 is a vulnerability in N/a. Published 2009-11-24.

Is CVE-2009-3843 known to be exploited?

16 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2009-3843

HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org…

EPSS: 0.868 (99.4th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

HPSBMA02478 (x_refsource_HP, vendor-advisory)
www.zerodayinitiative.com/advisories/ZDI-09-085/ (x_refsource_MISC)
operations-manager-unspecified-sec-bypass(54361) (vdb-entry, x_refsource_XF)
1023222 (vdb-entry, x_refsource_SECTRACK)
37444 (x_refsource_SECUNIA, third-party-advisory)
60317 (x_refsource_OSVDB, vdb-entry)

Frequently asked questions

What is CVE-2009-3843?: CVE-2009-3843 is a vulnerability in N/a. Published 2009-11-24.
Is CVE-2009-3843 known to be exploited?: 16 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.