Intrusion Prevention

HP.System.Management.Anonymous.Access.Code.Execution

Description

This indicates an attack attempt against a remote Code Execution vulnerability in HP System Management.
The vulnerability is caused by an error when the vulnerable software handles a malicious HTTP request with a crafted URI. It allows a remote attacker to execute arbitrary code via sending a crafted URI to a vulnerable application.

Affected Products

HP System Management 7.1.1 and prior versions

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue.
The application uses SSL by default, hence the signature requires SSL deep scan in FortiOS 5.0 and above to detect this attack.