cpe:/a:hp:operations_dashboard CVE-2009-4188 2009-12-03T12:30:02.233-05:00 2009-12-04T00:00:00.000-05:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2009-12-04T09:29:00.000-05:00 BID 36258 MISC http://www.intevydis.com/blog/?p=87 HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3098.