thrunt.me Applied Cybernetics Group

March 25, 2022 · Applied Cybernetics Group

CVE-2013-4810 — Hewlett Packard (HP) ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management

HP Multiple Products Remote Code Execution Vulnerability

Added to KEV
2022-03-25
Federal due date
2022-04-15
Vendor
Hewlett Packard (HP)
Product
ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management
EPSS
99.6th percentile (score 0.897, as of 2026-06-08)
NVD CVSS v3.1
Ransomware use
Unknown
Upstream
https://nvd.nist.gov/vuln/detail/CVE-2013-4810

CISA short description

HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet.

Required action

Apply updates per vendor instructions.

EPSS percentile is the FIRST.org exploit-probability ranking as of the date noted above; it moves daily. CVSS reflects NVD's analysis at time of publication.