CVE-2012-2561

critical

HPE

CVSS v3 Base Score

10.0

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS Score

4.2%

Exploitation probability in 30 days

Top 11% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: May 21, 2012 (5106 days ago)

Last Modified: April 29, 2026

Vendor: HPE

Source: NVD

Description

HP Business Service Management (BSM) 9.12 does not properly restrict the uploading of .war files, which allows remote attackers to execute arbitrary JSP code within the JBOSS Application Server component via a crafted request to TCP port 1098, 1099, or 4444.

CWE

CWE-264

Affected Products

hp business service management

References

🔗 marc.info 🔗 osvdb.org 🔗 secunia.com 🔗 www.kb.cert.org 🔗 www.securityfocus.com

CVE-2012-2561

Vulnerability Report

Description

CWE

Affected Products

References