Summary
This host is running HP SAN/iQ Virtual SAN Appliance and is prone to remote command execution vulnerability.
Impact
Successful exploitation will allow attacker to execute arbitrary commands the context of an application.
Impact Level: System/Application
Solution
Upgrade to HP SAN/iQ 9.5 or later,
For updates refer to http://www.hp.com/
Insight
The flaw is due to an error in 'lhn/public/network/ping' which does not properly handle shell meta characters in the second parameter.
Affected
HP SAN/iQ version prior to 9.5 on HP Virtual SAN Appliance
References
Severity
Classification
-
CVE CVE-2012-4361 -
CVSS Base Score: 7.7
AV:A/AC:L/Au:S/C:C/I:C/A:C
Related Vulnerabilities