HPE Network Node Manager任意命令执行漏洞(CVE-2016-2009)
HPE Network Node Manager任意命令执行漏洞(CVE-2016-2009)
HPE Network Node Manager任意命令执行漏洞(CVE-2016-2009)
发布日期:2016-05-07
更新日期:2016-05-09
受影响系统:
HP Network Node Manager i 9.25
HP Network Node Manager i 9.24
HP Network Node Manager i 9.23
HP Network Node Manager i 9.20
HP Network Node Manager i 10.01
HP Network Node Manager i 10.00
描述:
CVE(CAN) ID: CVE-2016-2009
HP Network Node Manager i-series (NNMi)软件可提供强大的开箱即用功能,帮助您的网络运行团队高效管理任意规模的网络。
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, 10.01存在任意命令执行漏洞, 可使经身份验证的远程用户通过构造的序列化Java对象, 执行任意命令。
<*来源:HP
链接:https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05103564
*>
建议:
厂商补丁:
HP
--
HP已经为此发布了一个安全公告(HPSBMU03584)以及相应补丁:
HPSBMU03584:HPE Network Node Manager I (NNMi), Multiple Remote Vulnerabilities
链接:https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05103564
补丁下载:
NNMi version 9.2x
注意:要求安装 9.2x series patch 5
Windows
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM02020463
Linux
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/LID/NNM920L_00022
HP-UX
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/LID/NNM920H_00022
Solaris
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM02020460
NNMi version 10.0x
Windows
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM01865498
Linux
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM01865484
本文永久更新链接地址:
评论暂时关闭