Critical severity9.8CISA KEVNVD Advisory· Published Sep 16, 2013· Updated Jun 16, 2026

CVE-2013-4810

Description

HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet, aka ZDI-CAN-1760. NOTE: this is probably a duplicate of CVE-2007-1036, CVE-2010-0738, and/or CVE-2012-0874.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Microfocus/Application LifeCycle Management
cpe:2.3:a:hp:application_lifecycle_management:-:*:*:*:*:*:*:*
Microfocus/ProCurve Manager5 versions
cpe:2.3:a:hp:procurve_manager:3.20:*:*:*:-:*:*:*+ 4 more
- cpe:2.3:a:hp:procurve_manager:3.20:*:*:*:-:*:*:*
- cpe:2.3:a:hp:procurve_manager:3.20:*:*:*:plus:*:*:*
- cpe:2.3:a:hp:procurve_manager:4.0:*:*:*:-:*:*:*
- cpe:2.3:a:hp:procurve_manager:4.0:*:*:*:plus:*:*:*
- (no CPE)range: 3.20, 4.0
Microfocus/PCM+llm-create
Range: 3.20, 4.0
Microfocus/Identity Driven Managerllm-create
Range: 4.0

Patches

Vulnerability mechanics

References

www.exploit-db.com/exploits/28713/nvdExploitThird Party AdvisoryVDB Entry
h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/nvdBroken LinkVendor Advisory
secunia.com/advisories/54788nvdBroken LinkVendor Advisory
www.securitytracker.com/id/1029010nvdBroken LinkThird Party AdvisoryVDB Entry
zerodayinitiative.com/advisories/ZDI-13-229/nvdThird Party AdvisoryVDB Entry
marc.infonvdMailing List
marc.infonvdMailing List
www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.063
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.000