CVE-2011-0921
published 2011-02-09CVE-2011-0921: crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and…
PriorityP262critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
11.33%
95.4th percentile
crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over TCP, related to the webreporting client, the applet domain, and the java username.
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-hphttp://marc.info/?l=bugtraq&m=130391284726795&w=2http://www.securityfocus.com/bid/46234http://www.vupen.com/english/advisories/2011/0308http://zerodayinitiative.com/advisories/ZDI-11-057/http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-hphttp://marc.info/?l=bugtraq&m=130391284726795&w=2http://www.securityfocus.com/bid/46234http://www.vupen.com/english/advisories/2011/0308http://zerodayinitiative.com/advisories/ZDI-11-057/
2011-02-09
Published