Unrated severityNVD Advisory· Published Feb 9, 2011· Updated Apr 29, 2026

CVE-2011-0921

Description

crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over TCP, related to the webreporting client, the applet domain, and the java username.

Affected products

HP/Data Protector
cpe:2.3:a:hp:data_protector:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.vupen.com/english/advisories/2011/0308nvdVendor Advisory
dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-hpnvd
marc.infonvd
www.securityfocus.com/bid/46234nvd
zerodayinitiative.com/advisories/ZDI-11-057/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000