Is CVE-2011-0276 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Hp Openview_performance_insight

CVE-2011-0276

HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the co…

EPSS: 0.831 (99.3th percentile) — read the EPSS interpretation.

Affected products

Hp Openview_performance_insight — versions 5.2, 5.3, 5.4
N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

70754 (x_refsource_OSVDB, vdb-entry)
hp-security-alert@hp.com (x_refsource_MISC)
SSRT090246 (Vendor Advisory, x_refsource_HP, vendor-advisory)
20110131 ZDI-11-034: HP OpenView Performance Insight Server Backdoor Account Code Execution Vulnerability (mailing-list, x_refsource_BUGTRAQ)
8136 (x_refsource_SREASON, third-party-advisory)
16984 (exploit, x_refsource_EXPLOIT-DB)
1025014 (vdb-entry, x_refsource_SECTRACK)
openview-dopost-code-execution(65038) (vdb-entry, x_refsource_XF)
43145 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
ADV-2011-0258 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)

Frequently asked questions

What is CVE-2011-0276?: CVE-2011-0276 is a vulnerability in Hp Openview_performance_insight. Published 2011-02-02.
Is CVE-2011-0276 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.