RMI服务在惠普网络自动化软件9.1 x 9.2 x 10.0 x 10.00.02.01之前,和10.1 x之前10.11.00.01允许远程攻击者执行任意命令通过一个精心序列化的Java对象,与Apache Commons (ACC)和Commons BeanUtils库集合。
http://www.securityfocus.com/bid/93109
http://www.zerodayinitiative.com/advisories/ZDI-16-523/
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05279098