发布日期:2014-10-08
更新日期:2014-10-13
受影响系统:
HP Operations Manager
描述:
BUGTRAQ ID: 70353
CVE(CAN) ID: CVE-2014-2649
HP Operations Orchestration是一款运维手册自动化平台,可实现客户端设备和数据中心基础设施变更、部署的自动化。
HP Operations Manager 9.10、9.11版本在实现上存在代码执行漏洞,攻击者可利用此漏洞在受影响应用上下文中执行任意代码。
<*来源:vendor
链接:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04472866
*>
建议:
厂商补丁:
HP
--
HP已经为此发布了一个安全公告(HPSBMU03127)以及相应补丁:
HPSBMU03127:HP Operations Manager for UNIX, Remote Code Execution
链接:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04472866
OMHPUX_00004
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
etse
arch/document/KM01188205
ITOSOL_00802
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
etse
arch/document/KM01187924
OML_00080
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
etse
arch/document/KM01187666
9.11.120 Java UI patches: Component
Download Location
OMHPUX_00005
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
etse
arch/document/KM01187192
ITOSOL_00803
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
etse
arch/document/KM01187435
OML_00081
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
etse
arch/document/KM01188103
9.20.300 server patches: Component
Download Location
OMHPUX_00006
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
etse
arch/document/KM01188207
ITOSOL_00804
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
etse
arch/document/KM01188065
OML_00082
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/fac
etse
arch/document/KM01188209