CVE-2013-4813

critical

HPE

CVSS v3 Base Score

10.0

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS Score

6.4%

Exploitation probability in 30 days

Top 9% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: September 16, 2013 (4623 days ago)

Last Modified: April 29, 2026

Vendor: HPE

Source: NVD

Description

The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745.

CWE

CWE-94

Affected Products

hp identity driven managerhp procurve manager

References

🔗 h20565.www2.hp.com 🔗 secunia.com 🔗 www.securitytracker.com 🔗 zerodayinitiative.com 🔗 h20565.www2.hp.com

CVE-2013-4813

Vulnerability Report

Description

CWE

Affected Products

References