Unrated severityNVD Advisory· Published Apr 27, 2015· Updated Jun 17, 2026
CVE-2015-2117
CVE-2015-2117
Description
HP TippingPoint Security Management System (SMS) and TippingPoint Virtual Security Management System (vSMS) before 4.1 patch 3 and 4.2 before patch 1 do not require authentication for JBoss RMI requests, which allows remote attackers to execute arbitrary code by (1) uploading this code within an archive or (2) instantiating a class.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:hp:tippingpoint_security_management_system:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:hp:tippingpoint_security_management_system:*:*:*:*:*:*:*:*range: <=4.2
- (no CPE)range: <4.1 patch 3; >=4.2 <patch 1
- cpe:2.3:a:hp:tippingpoint_virtual_security_management_system:*:*:*:*:*:*:*:*Range: <=4.2
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.