A newly disclosed flaw in HPE’s Insight CMU v8.2, CVE-2024-13804, allows attackers to bypass authentication and execute remote commands, posing a major risk to HPC clusters.
About the HPE CMU vulnerability
The flaw lies in CMU's Java-based client: the checks that decide whether a user is an administrator run in client code that the user controls, so an attacker can bypass them and obtain administrative access.
Once an attacker obtains administrative access, they can execute arbitrary commands on the backend server, effectively taking control of every node managed by the cluster. The attack involves decompiling the CMU client's Java application (the .jar file), modifying its authentication logic and removing client-side authorization checks such as the isAdmin validation, then recompiling the altered client. Because the backend does not re-validate these checks, the modified client unlocks the full administrative functionality.
Additionally, the attacker can call the Java Remote Method Invocation (RMI) classes embedded in the application to run commands remotely on the backend server.
Since these commands execute with root privileges, the attacker gains complete control over the system, posing a serious threat to high-performance computing (HPC) clusters.
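As an added illustration (not HPE's code; the class name RmiAuthzDemo, the ClusterAdmin interface, its methods and the port number are assumed for the demo), the following single-file Java program contrasts the pattern described above, an RMI method guarded only by an isAdmin flag inside the client, with the same method guarded by a session check that runs on the server:

```java
import java.rmi.Remote;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.UnicastRemoteObject;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;

// Added example with hypothetical names; not HPE code.
public class RmiAuthzDemo {

    static final int PORT = 10990;               // assumed free local port for the demo registry
    static final String BIND_NAME = "ClusterAdmin";

    // Checked exception the server returns when it refuses a call.
    public static class AuthorizationException extends Exception {
        AuthorizationException(String msg) { super(msg); }
    }

    // Remote interface: every method here is callable by anyone who can reach the RMI port.
    public interface ClusterAdmin extends Remote {
        // Vulnerable pattern: no credential crosses the wire; the server trusts that the
        // client already checked isAdmin before calling.
        String runCommandUnchecked(String cmd) throws RemoteException;

        // Hardened pattern: the caller presents a server-issued token and the server looks
        // up the role on every call.
        String runCommand(String sessionToken, String cmd)
                throws RemoteException, AuthorizationException;
    }

    public static class ClusterAdminImpl implements ClusterAdmin {
        // token -> role, written only by login() on the server side, never by the client.
        private final Map<String, String> sessions = new ConcurrentHashMap<>();

        // Constructed credential check for the demo; a real server would consult a
        // password store or directory. A real client would reach this via another remote call.
        String login(String user, String password) {
            if (!"admin".equals(user) || !"correct horse battery staple".equals(password)) {
                return null;
            }
            String token = UUID.randomUUID().toString();
            sessions.put(token, "admin");
            return token;
        }

        @Override
        public String runCommandUnchecked(String cmd) {
            return execute(cmd);
        }

        @Override
        public String runCommand(String sessionToken, String cmd) throws AuthorizationException {
            String role = sessionToken == null ? null : sessions.get(sessionToken);
            if (!"admin".equals(role)) {
                throw new AuthorizationException("admin session required");
            }
            return execute(cmd);
        }

        // Stand-in for the privileged action; the article's real backend runs it as root.
        private String execute(String cmd) {
            return "backend would run as root: " + cmd;
        }
    }

    // The client as shipped: this flag is the only thing between the user and the unchecked
    // method. Flipping it in a decompiled .jar, or calling the stub directly, is the bypass.
    static boolean isAdmin = false;

    static String clientRunUnchecked(ClusterAdmin stub, String cmd) throws RemoteException {
        if (!isAdmin) {
            return "client refused locally: isAdmin is false";
        }
        return stub.runCommandUnchecked(cmd);
    }

    public static void main(String[] args) throws Exception {
        ClusterAdminImpl impl = new ClusterAdminImpl();
        Remote exported = UnicastRemoteObject.exportObject(impl, 0);
        Registry registry = LocateRegistry.createRegistry(PORT);
        registry.rebind(BIND_NAME, exported);

        // Client side: obtain the stub exactly as a remote client would.
        ClusterAdmin stub = (ClusterAdmin)
                LocateRegistry.getRegistry("localhost", PORT).lookup(BIND_NAME);

        // 1. Unmodified client: refused, but only by its own code.
        System.out.println(clientRunUnchecked(stub, "id"));

        // 2. Modified client: skip the local check and call the stub directly.
        System.out.println(stub.runCommandUnchecked("id"));

        // 3. Hardened method: a forged token is rejected by the server, not the client.
        try {
            stub.runCommand("forged-token", "id");
        } catch (AuthorizationException e) {
            System.out.println("server refused: " + e.getMessage());
        }

        // 4. Hardened method with a genuine session issued by the server.
        String token = impl.login("admin", "correct horse battery staple");
        System.out.println(stub.runCommand(token, "id"));

        UnicastRemoteObject.unexportObject(impl, true);
        UnicastRemoteObject.unexportObject(registry, true);
    }
}
```

Compile and run with `javac RmiAuthzDemo.java && java RmiAuthzDemo`. Step 2 is the whole bug: the stub is generated from the remote interface, so whatever that interface exposes is callable by anyone who can reach the registry port, no matter what the shipped client does before calling it. Only the check in step 3, executed inside the server's own method, survives a recompiled client.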
Impact of the Vulnerability
The vulnerability in HPE's Insight Cluster Management Utility (CMU) allows attackers to gain full administrative control over both the management node and the compute nodes in HPC clusters, including access to the nodes' Integrated Lights-Out (iLO) interfaces, which can be used for further exploitation.
Since CMU is no longer supported, with no security updates or patches available, organizations using it are especially vulnerable. Immediate actions should include:
- Network Isolation: Restrict access to the CMU environment so that only the hosts and operators that manage the cluster can reach the CMU server and its RMI endpoints.
- Access Controls: Limit CMU accounts to trusted personnel, and treat every account that can reach the client as effectively administrative, since the client-side role check can be bypassed.
- Migration: Move to a supported cluster management solution.
The vulnerability, reported in May 2023, was not disclosed until early 2025, highlighting the challenges of end-of-life (EoL) software. Users must rely on their own mitigation strategies to protect against exploitation.