Vulnerability CVE-2017-5822


Published: 2018-02-15

Description:
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Type:

CWE-284

(Improper Access Control)

Vendor: HP
Product: Intelligent management center 
Version:
7.3
7.2
7.0
5.2
5.1
5.0

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:C/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Complete
None

 References:
http://www.securitytracker.com/id/1038560
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03746en_us

Related CVE
CVE-2018-6490
Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service.
CVE-2017-8984
A remote code execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506P03 was found.
CVE-2017-8983
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P4 was found.
CVE-2017-8982
A Remote Authentication Restriction Bypass vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P4 was found.
CVE-2017-8981
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506 was found.
CVE-2017-8980
A Remote Disclosure of Information vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
CVE-2017-8979
Security vulnerabilities in the HPE Integrated Lights-Out 2 (iLO 2) firmware could be exploited remotely to allow authentication bypass, code execution, and denial of service.
CVE-2017-8978
A Remote Unauthorized Disclosure of Information vulnerability in HPE IceWall Products version MFA 4.0 proxy was found.

Copyright 2018, cxsecurity.com

 

Back to Top