PT-2017-16691 · Hewlett Packard · HPE Intelligent Management Center
Published: 2017-03-29 · Updated: 2018-03-15 · CVE-2017-5797
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions
HPE Intelligent Management Center (IMC) SOM version v7.3 (E0501)
Description
A Remote Unauthenticated Disclosure of Information issue was discovered, potentially allowing unauthorized access to sensitive information. The vulnerability is related to the FileDownloadServlet in the Service Operation Manager Module, which may disclose the filePath information.
Recommendations
For HPE Intelligent Management Center (IMC) SOM version v7.3 (E0501), consider restricting access to the FileDownloadServlet until a patch is available. As a temporary workaround, avoid using the filePath parameter in the affected API endpoint to minimize the risk of exploitation.
Fix
Information Disclosure
Affected Products
HPE Intelligent Management Center